ca.topnews.media Open in urlscan Pro
93.77.0.31 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Submission: On June 13 via manual (June 13th 2022, 11:07:29 am UTC) from AU — Scanned from DE

Summary HTTP 156 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 34 domains to perform 156 HTTP transactions. The main IP is 93.77.0.31, located in Khmelnytskyi, Ukraine and belongs to VOLIA-AS, UA. The main domain is ca.topnews.media.
TLS certificate: Issued by R3 on June 5th 2022. Valid for: 3 months.

This is the only time ca.topnews.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	93.77.0.31 93.77.0.31	25229 (VOLIA-AS) (VOLIA-AS)
12	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
7	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
9	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
10	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	52.214.225.206 52.214.225.206	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
3 3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	46.236.35.87 46.236.35.87	12703 (PULSANT-AS) (PULSANT-AS)
9	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
2	34.254.130.126 34.254.130.126	16509 (AMAZON-02) (AMAZON-02)
156	40

29 93.77.0.31 (Khmelnytskyi, Ukraine)

ASN25229 (VOLIA-AS, UA)
PTR: 93.77.0.31.khm.volia.net

ca.topnews.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

aprilineffective.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.225.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-225-206.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.35.87 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-35-87.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.130.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-130-126.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	topnews.media ca.topnews.media	413 KB
21	wp.com i0.wp.com — Cisco Umbrella Rank: 3022 c0.wp.com — Cisco Umbrella Rank: 6860 stats.wp.com — Cisco Umbrella Rank: 2652 pixel.wp.com — Cisco Umbrella Rank: 2420	476 KB
18	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 48 cm.g.doubleclick.net — Cisco Umbrella Rank: 206 ad.doubleclick.net — Cisco Umbrella Rank: 185	31 KB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 146	223 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 2404 ad4m.at — Cisco Umbrella Rank: 2009 assets.ad4m.at — Cisco Umbrella Rank: 39185	308 KB
11	criteo.net static.criteo.net — Cisco Umbrella Rank: 613 pix.eu.criteo.net — Cisco Umbrella Rank: 7424 csm.eu.criteo.net — Cisco Umbrella Rank: 7582	172 KB
9	aprilineffective.com aprilineffective.com
6	google.com adservice.google.com — Cisco Umbrella Rank: 82 www.google.com — Cisco Umbrella Rank: 4	1 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18308 api.webgains.io — Cisco Umbrella Rank: 54348	52 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11628 ads.eu.criteo.com — Cisco Umbrella Rank: 7616 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9599	53 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 602	1 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8201	1 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 40398	87 KB
2	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 15284	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1744	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 539	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 321	921 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 908	705 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1010	793 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 172	86 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 96572 static-de.ad4mat.net — Cisco Umbrella Rank: 151290	4 KB
2	w.org s.w.org — Cisco Umbrella Rank: 687	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	314 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	110 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 47	20 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	5 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 73060	915 B
1	zenaps.com 1 redirects www.zenaps.com — Cisco Umbrella Rank: 19310	698 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 79450	518 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 2976	375 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1523	350 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 601	98 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 816	645 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 80	39 KB
156	34

	Domain	Requested by
29	ca.topnews.media	ca.topnews.media c0.wp.com
12	i0.wp.com	ca.topnews.media
10	cm.g.doubleclick.net	googleads.g.doubleclick.net ca.topnews.media
9	static.criteo.net	ads.eu.criteo.com
9	aprilineffective.com	ca.topnews.media
8	pagead2.googlesyndication.com	ca.topnews.media pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	c0.wp.com	ca.topnews.media
6	assets.ad4m.at	as.ad4m.at
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com ca.topnews.media googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	image6.pubmatic.com	3 redirects
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	api.webgains.io	analytics.webgains.io
2	track.webgains.com	as.ad4m.at
2	www.awin1.com	2 redirects
2	ad.doubleclick.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	odr.mookie1.com	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	s.w.org	ca.topnews.media
2	www.facebook.com	ca.topnews.media
2	connect.facebook.net	ca.topnews.media connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	analytics.webgains.io	track.webgains.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	pix.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	www.conrad.de	as.ad4m.at
1	www.zenaps.com	1 redirects
1	banner.congstar.de	as.ad4m.at
1	pixel.everesttech.net	1 redirects
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	static-de.ad4mat.net	as.ad4m.at
1	rtb.openx.net	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	ca.topnews.media
1	pixel.wp.com	ca.topnews.media
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.wp.com	ca.topnews.media
1	www.googletagmanager.com	ca.topnews.media
156	49

This site contains links to these domains. Also see Links.

Domain
crypto-news.topnews.media
topnews.media
www.unn.com.ua
www.unsch.edu.pe

Subject Issuer	Validity	Valid
ca.topnews.media R3	`2022-06-05` - `2022-09-03`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
aprilineffective.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-22` - `2022-06-20`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2021-11-24` - `2022-12-25`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-04-19` - `2022-07-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-13` - `2023-06-08`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-12` - `2022-09-12`	3 months	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Frame ID: 9B8D36563FCDC08AD8B7F510FF9A1E62
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/zrt_lookup.html
Frame ID: 2FE7961B28689B495EC1E4F8CE548CB7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&adk=2969136045&adf=3689892565&lmt=1655118440&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118440079&bpp=2&bdt=280&idt=102&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2742373256719&frm=20&pv=2&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=118
Frame ID: FB5B268DBA60D1D8549F22E5359361EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=7802967237&adk=3806675401&adf=2653011959&pi=t.ma~as.7802967237&w=388&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=388x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442210&bpp=6&bdt=2411&idt=6&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wt4hBGKIWe&p=https%3A//ca.topnews.media&dtd=12
Frame ID: 62CFCDBA0E112B9DEA688D1CF6A22B8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=9092794331&adk=92259808&adf=2442409221&pi=t.ma~as.9092794331&w=1200&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442326&bpp=1&bdt=2526&idt=2&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0%2C388x280&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3nVaI2Bpgy&p=https%3A//ca.topnews.media&dtd=25
Frame ID: 8C4A11DDE7F0E2A5A1E91AC8C40ABBCC
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EE8DDCC12FDE96853AB919E75E5235CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CQN3rahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMACT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeWuYryuBpwhaWmbmtZ2RvGnquPWIKe9nfJSY7-NFJi-AAK5IVHzqABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMzU1MDM1Nzg3ODQ1NDExGAA&sigh=ErPDInLkEzA&uach_m=[UACH]&cid=CAQSPACNIrLMVn8LHJIKLOYW2LxefscorEpfuefJFk-zMJeftg2DQ1sBNeSBfod_kt-aCmVL7ilKV5u6cikFfxgB
Frame ID: AA51209CED8B09B450D7A6191B6849C2
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hzsx4zf4f11h4s7a907hcvbam80h8s8vq2txx024he0kkqmvwrbh7jsfznwp1gk1deb8swpmnmxrv4drsxxwf4t1ear7mszbsn12xmr1nzp6arbbkrabjeav6zxptdh2a4106xaqf5r5f82c99rx228wymg21vamw0jbmzdcg6zpb4jke56059m0nn5dp28wx2y4wc1d1yr6excmdhmknhxm2htz9zwpz01y3nhmngevyxsab59j77rw91x916kda82krg0hsa4bzfhynxtexxtkwnm8he7hb8mnj02t56tejntw8vrhy8mp29yb39c63maa4dbykj2s4thgwz5pnr3vwjmdy4cjb4q39e8htmnyk7fhcmg75vndxkytk8hpt80s1ed0q3gzzkz9a83v2te4fv4qjqzcm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%26client%3Dca-pub-3355035787845411%26adurl%3D
Frame ID: 58BE13E87AEA1A5E8723F4D1F12BE3E2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0CF1585A76221113A79184ADAA50AEAA
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4316986CE4119A399D15B6E4C5F6E126
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqcaagANrOkK7dVYAAo0z9yhtZIPt4bvR1U6Eg&u=%7Cft7ZCjuJwTLQKb89XhrMpeoHgJVe5PxthY9EqEB6Fpk%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdgtBH6KllqllAY4WLkl56pRWPZRFcFl5ac0_uOlWYITUqgc9NZeQ1DSoHMRODarEMaP3KaGClxug4QwEJcSa9sTSrdEWgGeji2-maVDV7DHYr3zKBgwlBqXjMjCP04sno6CKTbsykSLSBOkPrDtShYHVYnG9cIyfM0ww0mavECGIk-pLznHz9NGM_OWyalOenD3WehuJqDiMddi2pMZuiwk2FQdyLTm5iZxE7MPu6S9eaSaVvJWxIklThR2S5LkTXnNLTOfkzuFNy5h8cTkgS9UJrpS4k0IdkVStkvmqDubeMF_g0H8ZmZhyhLM7yz4rg21k_ldydx9wKR9pbqclALq4eovgdcMnKTA7zPI5XwWHirngCZqqHFC3bn6K6d7xUwhpdgqzg1F6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa9rrahqnYunZNtiqtwfP6ajICMme0rFc9ZHevrEBwI23ARABIABglfKwgrgHggEXY2EtcHViLTMzNTUwMzU3ODc4NDU0MTGgAdW20uoDyAEJqQJHg1yb0Y2xPqgDAaoExAJP0Hbxfy4byyBmWzjd-OG3Oa8kfGJSkHjQlDADRatiX2kFAw_3saL6fIrvsRo8hXeb0y5JxYeMxWq40lBHbDWDIxE8fJuywR9s6FzJ4_0IWWyDDe2_ilYtLsNhLJefwXq9CsO04kxl7-l4aCUPlD3AlI-oHaraalNNFICNUM1n9vw7pnbZWYl3xOx3xa3FhCkn9OPV9rfrEa6CtOOQg-a3RcOK2lCjzq0denBOwqDu1ipOa2CtF7w3-d08NbKvcOQD4l3pn8Vuqr8999nxcdcWM-ztyvs8L521en_1PLLkhQUaN7sZjYSHqHGAdxQDO31iF4IKhRJ2pzi39tk0lMRsGKlU1Uy0Xak2-j6Y9ZCofAuHVwphFVbd6_y3W9mUPtlGT0dt4LIGvJ1Wbkv8WCoC6jMJ2BME26D5VIkNib8WXM0qNjSABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2T2GyVukAT1LE7MLUxZHE91WO1-Q%26client%3Dca-pub-3355035787845411%26adurl%3D
Frame ID: 9D231F1C28D0AEE8A398018A3A5EA1C6
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7B2C80FD00FA8F91C39AF315D83FD15E
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=1poABODXc6uBLerpCtBOkbASyYtzBjBf&g=e6063f3cded143a1fecefe3bd5a1a94a%2F6001507813752181719&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1655118443095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%2526client%253Dca-pub-3355035787845411%2526adurl%253D&y=1&s=&z=0
Frame ID: D1D44DF4D5DD5242A0EE36B50DAA3719
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 406A21DBDD88E8CB78AD487FEA4F34CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FFBEB60EC083235680D36305187E7C75
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pfizer vaccines are safe and effective for young children - FDA - news on UNN - Canada News from TOPNews

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

156
Requests

92 %
HTTPS

46 %
IPv6

34
Domains

49
Subdomains

40
IPs

6
Countries

2085 kB
Transfer

4084 kB
Size

41
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://crypto-news.topnews.media/
Title: CRYPTO NEWS

Search URL Search Domain Scan URL

URL: https://topnews.media/add
Title: ADD

Search URL Search Domain Scan URL

URL: https://topnews.media/remove
Title: REMOVE

Search URL Search Domain Scan URL

URL: https://topnews.media/adversting
Title: ADVERSTING

Search URL Search Domain Scan URL

URL: https://topnews.media/contact
Title: CONTACT

Search URL Search Domain Scan URL

URL: https://www.unn.com.ua/uk/news/1980988-vaktsinu-moderna-u-ssha-mozhut-skhvaliti-dlya-ditey-z-6-misyatsiv
Title: can approve

Search URL Search Domain Scan URL

URL: https://www.unn.com.ua/uk/news/1981094-vaktsini-pfizer-bezpechni-ta-efektivni-dlya-malenkikh-ditey-fda
Title: Source link Telegram

Search URL Search Domain Scan URL

URL: https://www.unsch.edu.pe/video/subbotniy-efir-na-solov-ev-live-12-06-2022_5ffeacb3f.html

Search URL Search Domain Scan URL

URL: https://www.unsch.edu.pe/video/solov-ev-live-polnyy-kontakt-12-iyunya-2022_d20edd3bd.html

Search URL Search Domain Scan URL

URL: https://www.unsch.edu.pe/video/solov-ev-live-bol-shoy-efir-sosnovskogo-u-karnauhova-12-iyunya-2022_98b7454cf.html

Search URL Search Domain Scan URL

URL: https://www.unsch.edu.pe/video/smotret-onlayn-solov-ev-live-efir-ot-12-06-2022_80fd0dd24.html

Search URL Search Domain Scan URL

URL: https://www.unsch.edu.pe/video/pryamoy-efir-solov-ev-live-smotret-onlayn-ot-12-06-2022_424638144.html

Search URL Search Domain Scan URL

URL: https://www.unsch.edu.pe/video/60-minut-pryamoy-efir-12-06-22-v-11-30-i-17-30_ad511e24c.html

Search URL Search Domain Scan URL

URL: https://www.unsch.edu.pe/video/60-minut-12-06-2022-po-goryachim-sledam-dnevnoy-vypusk-1_92acb482e.html

Search URL Search Domain Scan URL

URL: https://www.unsch.edu.pe/video/60-minut-dnevnoy-efir-12-06-2022_10d7037d2.html

Search URL Search Domain Scan URL

URL: https://www.unsch.edu.pe/video/60-minut-dnevnoy-efir-12-06-2022-60-minut-posledniy-vypusk-segodnya-12-iyunya-2022_ec50ea34a.html

Search URL Search Domain Scan URL

URL: https://www.unsch.edu.pe/video/60-minut-12-06-2022-po-goryachim-sledam-dnevnoy-vypusk_99d56e5a2.html

Search URL Search Domain Scan URL

URL: https://www.unsch.edu.pe/video/polnyy-kontakt-solov-ev-live-12-06-2022-pryamoy-efir_5c18b73db.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMJjUWruUek6QICLdq_ybCc&google_cver=1&google_push=ARnp8GCQPU7zSocgmOMDg_-n40McTsWtkhn17fxL4J2KSEH38tin6BuokKBdvbN6KIjS7agkt684ve8jdZva_8U_PqSv0GnHuxE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMJjUWruUek6QICLdq_ybCc&google_cver=1&google_push=ARnp8GCQPU7zSocgmOMDg_-n40McTsWtkhn17fxL4J2KSEH38tin6BuokKBdvbN6KIjS7agkt684ve8jdZva_8U_PqSv0GnHuxE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dcg5DCtrSOSrUwc-roXa2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCQPU7zSocgmOMDg_-n40McTsWtkhn17fxL4J2KSEH38tin6BuokKBdvbN6KIjS7agkt684ve8jdZva_8U_PqSv0GnHuxE

Request Chain 95

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELXhvpy6ikFYE5XSBuFHX20&google_cver=1&google_push=ARnp8GA-P3AfXR3o0anQsGsqxXtPrDbCiPdulSRoKzVsDplRHQqbOjTsX9GhwdN8yBiCm_Pxeo9YvrW0O5789G4ETNNH75cb6UA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRDTVNDMEctMVctSzFHQw==&google_push=ARnp8GA-P3AfXR3o0anQsGsqxXtPrDbCiPdulSRoKzVsDplRHQqbOjTsX9GhwdN8yBiCm_Pxeo9YvrW0O5789G4ETNNH75cb6UA

Request Chain 96

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAdtOiXo72cLvAFDe4zg-KQ&google_cver=1&google_push=ARnp8GAbRLWcmTUOxrHHadM91WzLp7iK72gfZNJ1-Q2lmu4GTCdQfxmA_-2bvErGiHKYwHowzUkpCDcdw6D_0juzfMffs3u5iQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAdtOiXo72cLvAFDe4zg-KQ&google_push=ARnp8GAbRLWcmTUOxrHHadM91WzLp7iK72gfZNJ1-Q2lmu4GTCdQfxmA_-2bvErGiHKYwHowzUkpCDcdw6D_0juzfMffs3u5iQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqcaauDc7SOI4Vk44E4UXAAABK4AAAIB&google_push=ARnp8GAbRLWcmTUOxrHHadM91WzLp7iK72gfZNJ1-Q2lmu4GTCdQfxmA_-2bvErGiHKYwHowzUkpCDcdw6D_0juzfMffs3u5iQ&google_cver=1&google_gid=CAESEAdtOiXo72cLvAFDe4zg-KQ

Request Chain 113

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFxlRYl8kVjoxTDRKELSOX8&google_cver=1&google_push=ARnp8GCvRm2xvcdV0A55ig8N2h4N2SZFbYAkkAZgczVlHmwZcSXYufls4y_Gp1xU7PfgiWD1CMRh0qVOGm2DUSnZqe8iN-b7uBYY HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GCvRm2xvcdV0A55ig8N2h4N2SZFbYAkkAZgczVlHmwZcSXYufls4y_Gp1xU7PfgiWD1CMRh0qVOGm2DUSnZqe8iN-b7uBYY&google_hm=4Bo4VghE_Sr-M5jm8t4szw

Request Chain 114

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GDZwHVeu14g3Pq4O5cmCFpK6Q-fk8EY3AgNKK8RFMMXoppXOmrp-1zaOBKAbs5QAy2wnbDFoJ9WwnynUlbUfPjWwL7nrPc&google_gid=CAESEBauXVH2X0ic1ZqrN8k2MVo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXFjYWF3QUFBZG5AeVh1VQ&google_push=ARnp8GDZwHVeu14g3Pq4O5cmCFpK6Q-fk8EY3AgNKK8RFMMXoppXOmrp-1zaOBKAbs5QAy2wnbDFoJ9WwnynUlbUfPjWwL7nrPc

Request Chain 115

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDihoFe1zeMkkpBTH0Yg28sdcowTRj9MdCF6MXLf1db_7VaTjN4fpmjTuJONGFEQ2P88a-MXiANW3uzFGcnstPsTmtLmsM&google_gid=CAESEHNwclazeoEn8BnX6C5TW0c&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDihoFe1zeMkkpBTH0Yg28sdcowTRj9MdCF6MXLf1db_7VaTjN4fpmjTuJONGFEQ2P88a-MXiANW3uzFGcnstPsTmtLmsM&google_gid=CAESEHNwclazeoEn8BnX6C5TW0c&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MTMxMTA3MjMwMDA2NDMwODcxNjkzMQ%3D%3D&google_push=ARnp8GDihoFe1zeMkkpBTH0Yg28sdcowTRj9MdCF6MXLf1db_7VaTjN4fpmjTuJONGFEQ2P88a-MXiANW3uzFGcnstPsTmtLmsM

Request Chain 117

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMJjUWruUek6QICLdq_ybCc&google_cver=1&google_push=ARnp8GDaEztf_C-HzGiLlJJNxB4DvkZTv5GBJR9cnseW1pP4vbg2BdBfcfmNj-IBKjOHIkFVS_jXZIKEHD9dkcCr6wol4y03R5Ur HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dcg5DCtrSOSrUwc-roXa2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDaEztf_C-HzGiLlJJNxB4DvkZTv5GBJR9cnseW1pP4vbg2BdBfcfmNj-IBKjOHIkFVS_jXZIKEHD9dkcCr6wol4y03R5Ur

Request Chain 118

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELXhvpy6ikFYE5XSBuFHX20&google_cver=1&google_push=ARnp8GAWMxdgUURh-jse6-Uw3BjZkKEJTso18FDUa-9uJcGvtV2fXjeNrXmyQ5MU0Q4DX0m118LjAKNX22hTBc3Gi7u5Y8B9KUDE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRDTVNDNDMtMjMtSDJIRg==&google_push=ARnp8GAWMxdgUURh-jse6-Uw3BjZkKEJTso18FDUa-9uJcGvtV2fXjeNrXmyQ5MU0Q4DX0m118LjAKNX22hTBc3Gi7u5Y8B9KUDE

Request Chain 125

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNGz-dakqvgCFRRB4AodLPIMGQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1655118443_003e2af0-eb09-11ec-9580-2234796a82c3

Request Chain 130

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuid1poABODXc6uBLerpCtBOkbASyYtzBjBfasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.zenaps.com/cshow.php?pvr=0030e480-eb09-11ec-9435-22651120a0a6&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuid1poABODXc6uBLerpCtBOkbASyYtzBjBfasuid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1655118443_0030e480-eb09-11ec-9435-22651120a0a6&insert=AW&&gdpr=0&gdpr_consent=

156 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/ 95 KB
21 KB 6145ms
6029ms Document
text/html 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: ebb1320ac51d335c0982e1bb73d9e3f6a0ed38760b1c31b7a1eb2f1bb6ae68c7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 13 Jun 2022 11:07:19 GMT
link: <https://ca.topnews.media/wp-json/>; rel="https://api.w.org/" <https://ca.topnews.media/wp-json/wp/v2/posts/85721>; rel="alternate"; type="application/json" <https://ca.topnews.media/?p=85721>; rel=shortlink
server: nginx/1.19.2
vary: Accept-Encoding

GET
H2 200 topnews-ca_banner2.jpg
ca.topnews.media/wp-content/uploads/2022/04/ 65 KB
65 KB 75ms
74ms Image
image/jpeg 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca.topnews.media/wp-content/uploads/2022/04/topnews-ca_banner2.jpg
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 10f40a8d3e396171ff09132779af691a90bafcac94baa40fa7e3233a36f90784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
last-modified: Mon, 18 Apr 2022 20:17:16 GMT
server: nginx/1.19.2
etag: "625dc74c-103af"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 66479
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 6438b9c605983682e9ec4500b014446c42012e4c.jpg
i0.wp.com/ca.topnews.media/wp-content/uploads/2022/06/ 37 KB
38 KB 72ms
49ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/ca.topnews.media/wp-content/uploads/2022/06/6438b9c605983682e9ec4500b014446c42012e4c.jpg?resize=587%2C440&ssl=1

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

420d4e93a3b912fca0a473391ffb69c2bd9918ffeae097cc47479ca4acb9b49b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Mon, 13 Jun 2022 11:07:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jun 2022 11:07:19 GMT
server: nginx
etag: "7e96bff808b370a9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ca.topnews.media/wp-content/uploads/2022/06/6438b9c605983682e9ec4500b014446c42012e4c.jpg>; rel="canonical"
content-length: 38122
expires: Wed, 12 Jun 2024 23:07:19 GMT

GET
H2 200 tielabs-fonticon.woff
ca.topnews.media/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 40 KB
23 KB 75ms
72ms Font
application/font-woff 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Origin: https://ca.topnews.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-9e58"
content-type: application/font-woff
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 fa-solid-900.woff2
ca.topnews.media/wp-content/themes/jannah/assets/fonts/fontawesome/ 78 KB
78 KB 75ms
72ms Font
application/octet-stream 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Origin: https://ca.topnews.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-13654"
content-type: text/plain
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 fa-brands-400.woff2
ca.topnews.media/wp-content/themes/jannah/assets/fonts/fontawesome/ 75 KB
75 KB 75ms
71ms Font
application/octet-stream 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Origin: https://ca.topnews.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-12b44"
content-type: text/plain
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 fa-regular-400.woff2
ca.topnews.media/wp-content/themes/jannah/assets/fonts/fontawesome/ 13 KB
14 KB 75ms
71ms Font
application/octet-stream 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Origin: https://ca.topnews.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-3510"
content-type: text/plain
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.0/wp-includes/js/mediaelement/ 11 KB
3 KB 30ms
7ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:07:19 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.0/wp-includes/js/mediaelement/ 4 KB
1 KB 30ms
7ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:07:19 GMT

GET
H2 200 cookie-law-info-public.css
ca.topnews.media/wp-content/plugins/cookie-law-info/public/css/ 3 KB
1 KB 74ms
71ms Stylesheet
text/css 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 18:36:02 GMT
server: nginx/1.19.2
etag: W/"627ab092-c22"
content-type: text/css
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 cookie-law-info-gdpr.css
ca.topnews.media/wp-content/plugins/cookie-law-info/public/css/ 27 KB
4 KB 75ms
71ms Stylesheet
text/css 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 18:36:02 GMT
server: nginx/1.19.2
etag: W/"627ab092-6a71"
content-type: text/css
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 wp-automatic.css
ca.topnews.media/wp-content/plugins/wp-automatic/css/ 3 KB
853 B 75ms
71ms Stylesheet
text/css 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Sat, 12 Mar 2022 20:16:57 GMT
server: nginx/1.19.2
etag: W/"622cffb9-a99"
content-type: text/css
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 base.min.css
ca.topnews.media/wp-content/themes/jannah/assets/css/ 41 KB
9 KB 75ms
72ms Stylesheet
text/css 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-a3b0"
content-type: text/css
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 style.min.css
ca.topnews.media/wp-content/themes/jannah/assets/css/ 171 KB
29 KB 75ms
72ms Stylesheet
text/css 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-2aca3"
content-type: text/css
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 widgets.min.css
ca.topnews.media/wp-content/themes/jannah/assets/css/ 53 KB
9 KB 75ms
72ms Stylesheet
text/css 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-d37e"
content-type: text/css
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 helpers.min.css
ca.topnews.media/wp-content/themes/jannah/assets/css/ 15 KB
4 KB 75ms
72ms Stylesheet
text/css 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-3b78"
content-type: text/css
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 fontawesome.css
ca.topnews.media/wp-content/themes/jannah/assets/css/ 57 KB
12 KB 75ms
72ms Stylesheet
text/css 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-e526"
content-type: text/css
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 shortcodes.min.css
ca.topnews.media/wp-content/themes/jannah/assets/css/plugins/ 11 KB
3 KB 75ms
72ms Stylesheet
text/css 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-2d99"
content-type: text/css
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 single.min.css
ca.topnews.media/wp-content/themes/jannah/assets/css/ 40 KB
8 KB 75ms
73ms Stylesheet
text/css 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-9e25"
content-type: text/css
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 style-custom.css
ca.topnews.media/wp-content/themes/jannah/assets/custom-css/ 21 KB
3 KB 75ms
73ms Stylesheet
text/css 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/custom-css/style-custom.css?ver=49890
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 11d20181b617284dde9316e7158f78d9e2bad1c0258ad2caab8160a460cbe737

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 07:59:40 GMT
server: nginx/1.19.2
etag: W/"6268f7ec-532d"
content-type: text/css
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/10.9.1/css/ 84 KB
15 KB 28ms
7ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.9.1/css/jetpack.css

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

86c8f0ef3d5c51e837bd0c69424d11e9e8522f834e1c18d620073db93b5c79f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 17:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:07:19 GMT

GET
H2 200 related-posts.min.js Show response
c0.wp.com/p/jetpack/10.9.1/_inc/build/related-posts/ 6 KB
2 KB 29ms
8ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.9.1/_inc/build/related-posts/related-posts.min.js

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fe66ac5df69c78be7dfcf75943079129dbf24a254e89febc5a7e916d40de43bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:07:19 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.0/wp-includes/js/jquery/ 87 KB
30 KB 29ms
8ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0/wp-includes/js/jquery/jquery.min.js

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:07:19 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.0/wp-includes/js/jquery/ 11 KB
4 KB 29ms
8ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:07:19 GMT

GET
H2 200 cookie-law-info-public.js Show response
ca.topnews.media/wp-content/plugins/cookie-law-info/public/js/ 33 KB
8 KB 74ms
73ms Script
application/javascript 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 18:36:02 GMT
server: nginx/1.19.2
etag: W/"627ab092-8583"
content-type: application/javascript
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 cookie-law-info-ccpa.js Show response
ca.topnews.media/wp-content/plugins/cookie-law-info/admin/modules/ccpa/assets/js/ 7 KB
2 KB 74ms
73ms Script
application/javascript 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/plugins/cookie-law-info/admin/modules/ccpa/assets/js/cookie-law-info-ccpa.js?ver=2.1.2
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 08a25c504f8eff948a2911d660c1b12ef89c3fb8f3d57216facebebd6303b75e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 18:36:02 GMT
server: nginx/1.19.2
etag: W/"627ab092-1ca0"
content-type: application/javascript
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 main-front.js Show response
ca.topnews.media/wp-content/plugins/wp-automatic/js/ 1017 B
592 B 74ms
74ms Script
application/javascript 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.0
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: gzip
last-modified: Wed, 30 Dec 2020 13:24:00 GMT
server: nginx/1.19.2
etag: W/"5fec7f70-3f9"
content-type: application/javascript
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
50 KB 60ms
34ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3355035787845411

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6682e9fc05c01383592391b9774c83c4f39edab6478b4a4713afaf63a4a974a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca.topnews.media/
Origin: https://ca.topnews.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50535
x-xss-protection: 0
server: cafe
etag: 15406868891730019315
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 11:07:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 49ms
23ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162042173-8

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3da1345965312de8319e5ddf58610cc4fe1c4448a23a8a86ecab7413dff8b28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39771
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Jun 2022 11:07:20 GMT

GET
H/1.1 403
Forbidden invoke.js
aprilineffective.com/b7adea9c056eafc6f5f3aea5f7f14191/ 0
0 1042ms
108ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aprilineffective.com/b7adea9c056eafc6f5f3aea5f7f14191/invoke.js
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 11:07:20 GMT
Server: nginx/1.17.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H2 200 c559a584ace5b31d3160ef5e9bc5216bf802390e.jpeg
i0.wp.com/www.unn.com.ua/uploads/news/2022/06/13/ 7 KB
7 KB 26ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.unn.com.ua/uploads/news/2022/06/13/c559a584ace5b31d3160ef5e9bc5216bf802390e.jpeg?w=708&ssl=1

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6b4b6af7623b33ebee15a2c84b28859b6a6c1aca07d151a4f19ca163156744af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Mon, 13 Jun 2022 11:07:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jun 2022 11:07:20 GMT
server: nginx
etag: "4d0462bbf8942d54"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.unn.com.ua/uploads/news/2022/06/13/c559a584ace5b31d3160ef5e9bc5216bf802390e.jpeg>; rel="canonical"
content-length: 6708
expires: Wed, 12 Jun 2024 23:07:20 GMT

GET
H2 200 cookie-law-info-table.css
ca.topnews.media/wp-content/plugins/cookie-law-info/public/css/ 6 KB
2 KB 34ms
34ms Stylesheet
text/css 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.1.2
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 18:36:02 GMT
server: nginx/1.19.2
etag: W/"627ab092-17e1"
content-type: text/css
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:20 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/10.9.1/_inc/build/photon/ 685 B
348 B 9ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.9.1/_inc/build/photon/photon.min.js

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 13 Jun 2022 11:07:19 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:07:19 GMT

GET
H2 200 scripts.min.js Show response
ca.topnews.media/wp-content/themes/jannah/assets/js/ 22 KB
7 KB 37ms
34ms Script
application/javascript 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-57c9"
content-type: application/javascript
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:20 GMT

GET
H2 200 sliders.min.js Show response
ca.topnews.media/wp-content/themes/jannah/assets/js/ 48 KB
12 KB 37ms
35ms Script
application/javascript 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-c0a7"
content-type: application/javascript
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:20 GMT

GET
H2 200 shortcodes.js Show response
ca.topnews.media/wp-content/themes/jannah/assets/js/ 11 KB
4 KB 37ms
35ms Script
application/javascript 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: b5c9fd37dca1ec56a382c45a38fd9aa8425a4b522200f6526b982902f3c3f06c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-2bad"
content-type: application/javascript
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:20 GMT

GET
H2 200 desktop.min.js Show response
ca.topnews.media/wp-content/themes/jannah/assets/js/ 16 KB
6 KB 37ms
35ms Script
application/javascript 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-4198"
content-type: application/javascript
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:20 GMT

GET
H2 200 live-search.js Show response
ca.topnews.media/wp-content/themes/jannah/assets/js/ 14 KB
5 KB 37ms
35ms Script
application/javascript 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-3909"
content-type: application/javascript
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:20 GMT

GET
H2 200 single.min.js Show response
ca.topnews.media/wp-content/themes/jannah/assets/js/ 5 KB
2 KB 37ms
36ms Script
application/javascript 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-15ad"
content-type: application/javascript
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:20 GMT

GET
H2 200 e-202224.js Show response
stats.wp.com/ 9 KB
3 KB 31ms
7ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202224.js
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn
date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 04 Jun 2023 21:20:11 GMT

GET
H2 200 wp-emoji-release.min.js Show response
ca.topnews.media/wp-includes/js/ 18 KB
5 KB 64ms
63ms Script
application/javascript 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 20:03:40 GMT
server: nginx/1.19.2
etag: W/"628d3a1c-48b9"
content-type: application/javascript
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:20 GMT

GET
H2 200 print.css
ca.topnews.media/wp-content/themes/jannah/assets/css/ 2 KB
912 B 64ms
63ms Stylesheet
text/css 93.77.0.31
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ca.topnews.media/wp-content/themes/jannah/assets/css/print.css?ver=5.4.10
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.77.0.31 Khmelnytskyi, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 93.77.0.31.khm.volia.net
Software: nginx/1.19.2 /
Resource Hash: 03dd15a551c408fc3ee4496227c5b0798ead05885e535e47f3fa13b6d0fad687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 17:42:50 GMT
server: nginx/1.19.2
etag: W/"6260461a-87f"
content-type: text/css
cache-control: max-age=691200, public, no-transform
expires: Tue, 21 Jun 2022 11:07:20 GMT

GET
H/1.1 403
Forbidden invoke.js
aprilineffective.com/a895473ba3537c654d62fb62fdc99679/ 0
0 1028ms
112ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://ca.topnews.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 13 Jun 2022 11:07:20 GMT
Server: nginx/1.17.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162042173-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2892
date: Mon, 13 Jun 2022 10:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Jun 2022 12:19:08 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206080101/ 338 KB
119 KB 60ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3355035787845411&plah=ca.topnews.media&bust=31067966

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3355035787845411

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcb7590cb13f9e84346746dd3d601da76b0e6c96140d068b1f879c71d5420adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121839
x-xss-protection: 0
server: cafe
etag: 8640705052692938782
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 11:07:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/ Frame 2FE7 10 KB
5 KB 36ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3355035787845411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca.topnews.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Jun 2022 16:12:12 GMT
etag: 14734731752043123527
expires: Sun, 26 Jun 2022 16:12:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 32ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2027121064&t=pageview&_s=1&dl=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&ul=en-us&de=UTF-8&dt=Pfizer%20vaccines%20are%20safe%20and%20effective%20for%20young%20children%20-%20FDA%20-%20news%20on%20UNN%20-%20Canada%20News%20from%20TOPNews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=707025700&gjid=521381532&cid=1712750863.1655118440&tid=UA-162042173-8&_gid=1258160332.1655118440&_r=1&gtm=2ou680&z=96023418

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ca.topnews.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ca.topnews.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
645 B 71ms
17ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ca.topnews.media&callback=_gfp_s_&client=ca-pub-3355035787845411

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3355035787845411&plah=ca.topnews.media&bust=31067966

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

4f7d3593129dfeebb018366403db1047d62e727ff086f07d80c1a2a154dbdec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 39ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ca.topnews.media

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ca.topnews.media

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Jun 2022 11:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB5B 0
19 B 123ms
106ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&adk=2969136045&adf=3689892565&lmt=1655118440&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118440079&bpp=2&bdt=280&idt=102&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2742373256719&frm=20&pv=2&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=118

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca.topnews.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 11:07:20 GMT
expires: Mon, 13 Jun 2022 11:07:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 403
Forbidden invoke.js
aprilineffective.com/a895473ba3537c654d62fb62fdc99679/ 0
0 102ms
101ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://ca.topnews.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 13 Jun 2022 11:07:21 GMT
Server: nginx/1.17.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
aprilineffective.com/a895473ba3537c654d62fb62fdc99679/ 0
0 98ms
97ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://ca.topnews.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 13 Jun 2022 11:07:21 GMT
Server: nginx/1.17.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
aprilineffective.com/a895473ba3537c654d62fb62fdc99679/ 0
0 109ms
109ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://ca.topnews.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 13 Jun 2022 11:07:21 GMT
Server: nginx/1.17.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
aprilineffective.com/56859bd5cfa3136336ca47109428b997/ 0
0 414ms
411ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aprilineffective.com/56859bd5cfa3136336ca47109428b997/invoke.js
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://ca.topnews.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 13 Jun 2022 11:07:21 GMT
Server: nginx/1.17.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 335ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: WBe2tB8eAln5rHkeUGIyZYhlHFMDy3XKmZxe4kgMTOipt/hKZGPaCkd+NST7s0JcIBAGpwesfLqR6D9Jd5LpDA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 13 Jun 2022 11:07:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
aprilineffective.com/56859bd5cfa3136336ca47109428b997/ 0
0 104ms
103ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aprilineffective.com/56859bd5cfa3136336ca47109428b997/invoke.js
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://ca.topnews.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 13 Jun 2022 11:07:21 GMT
Server: nginx/1.17.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
aprilineffective.com/b2f9b1ac8a73bd9ea377ec034617c035/ 0
0 102ms
102ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aprilineffective.com/b2f9b1ac8a73bd9ea377ec034617c035/invoke.js
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://ca.topnews.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 13 Jun 2022 11:07:22 GMT
Server: nginx/1.17.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H2 200 rossiiskii-general-optimized.jpg
i0.wp.com/ca.topnews.media/wp-content/uploads/2022/05/ 9 KB
9 KB 8ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/ca.topnews.media/wp-content/uploads/2022/05/rossiiskii-general-optimized.jpg?resize=390%2C220&ssl=1

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

1c966a6de845cfcdec8d3bc06eeed047027bf536855b41a91b2aae5d5f6de25c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Mon, 13 Jun 2022 11:07:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 22:25:51 GMT
server: nginx
etag: "445f4b5117db7556"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ca.topnews.media/wp-content/uploads/2022/05/rossiiskii-general-optimized.jpg>; rel="canonical"
content-length: 9014
expires: Thu, 23 May 2024 10:25:51 GMT

GET
H2 200 1654440375_2741677.jpg
i0.wp.com/ca.topnews.media/wp-content/uploads/2022/06/ 6 KB
7 KB 8ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/ca.topnews.media/wp-content/uploads/2022/06/1654440375_2741677.jpg?resize=190%2C120&ssl=1

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

5618f44ef33115a97b68120f2a28a4c91bd8f4263f4813d68d2324dee8da46f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 13 Jun 2022 11:07:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 05 Jun 2022 15:04:11 GMT
server: nginx
etag: "eabd95248c94eae8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ca.topnews.media/wp-content/uploads/2022/06/1654440375_2741677.jpg>; rel="canonical"
content-length: 6502
expires: Wed, 05 Jun 2024 03:04:11 GMT

GET
H3 200 775838193255849 Show response
connect.facebook.net/signals/config/ 289 KB
83 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/775838193255849?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2bdbf3f8170f52249d898129d93764f29d715191c800ccf7ecdeb02832595c63

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84855
x-xss-protection: 0
pragma: public
x-fb-debug: uHGqUAYo8iqjcGwamibVmUJgPEjCZ/U/sKyeqzNOale3Qjz77Rwgzc8SKg8F7RH0N2Jop5R75QMoQ8dHNRysIw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 13 Jun 2022 11:07:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 24ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=775838193255849&ev=PageView&dl=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&rl=&if=false&ts=1655118442181&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1655118442180.453070044&it=1655118442129&coo=false&rqm=GET

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 13 Jun 2022 11:07:22 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 35ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ca.topnews.media

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Jun 2022 11:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
19ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ca.topnews.media

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Jun 2022 11:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 62CF 32 KB
12 KB 447ms
446ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=7802967237&adk=3806675401&adf=2653011959&pi=t.ma~as.7802967237&w=388&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=388x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442210&bpp=6&bdt=2411&idt=6&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wt4hBGKIWe&p=https%3A//ca.topnews.media&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e11deb1084baabe8515ec51570582f28e23d2bd3982fcc2476bc7664a8a29d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca.topnews.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12449
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 11:07:22 GMT
expires: Mon, 13 Jun 2022 11:07:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 403
Forbidden invoke.js
aprilineffective.com/a895473ba3537c654d62fb62fdc99679/ 0
0 98ms
98ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://ca.topnews.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 13 Jun 2022 11:07:22 GMT
Server: nginx/1.17.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ca.topnews.media

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Jun 2022 11:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ca.topnews.media

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Jun 2022 11:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C4A 26 KB
11 KB 188ms
184ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=9092794331&adk=92259808&adf=2442409221&pi=t.ma~as.9092794331&w=1200&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442326&bpp=1&bdt=2526&idt=2&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0%2C388x280&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3nVaI2Bpgy&p=https%3A//ca.topnews.media&dtd=25

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

395e4a0dfda3e9e33696c81a0d9c7097caa5629f2f6106a6cd3eb53c289b50e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca.topnews.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 11644
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 11:07:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET admin-ajax.php
ca.topnews.media/wp-admin/ 0
0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 13ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.9.1&blog=204457541&post=85721&tz=3&srv=ca.topnews.media&host=ca.topnews.media&ref=&fcp=6366&rand=0.4256357258880661
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Jun 2022 11:07:22 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 1f5bc.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
956 B 500ms
6ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f5bc.svg

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

757612868392a18f57990f26f530d5b38a7d2614ea8f41ac603aaf9eae07008c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 13 Jun 2022 11:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2757.svg
s.w.org/images/core/emoji/14.0.0/svg/ 231 B
294 B 500ms
7ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2757.svg

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

e2e68e97593beb78225af7f9edc7624c19cd84ebfeb07dcbc4b06fb9f49d0526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 13 Jun 2022 11:07:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET /
ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/ 0
0

GET
H2 200 1654018455_2740786.jpg
i0.wp.com/ca.topnews.media/wp-content/uploads/2022/05/ 5 KB
6 KB 175ms
175ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/ca.topnews.media/wp-content/uploads/2022/05/1654018455_2740786.jpg?fit=190%2C120&ssl=1

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

682ff25c1b5facbe9a1d837278dafa31935570c169e741a927f12bca6f2c5087

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Mon, 13 Jun 2022 11:07:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jun 2022 11:07:22 GMT
server: nginx
etag: "ea421fc24377b779"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ca.topnews.media/wp-content/uploads/2022/05/1654018455_2740786.jpg>; rel="canonical"
content-length: 5588
expires: Wed, 12 Jun 2024 23:07:22 GMT

GET
H2 200 1654570523_2741933.jpg
i0.wp.com/ca.topnews.media/wp-content/uploads/2022/06/ 7 KB
7 KB 230ms
230ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/ca.topnews.media/wp-content/uploads/2022/06/1654570523_2741933.jpg?fit=190%2C120&ssl=1

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d756c5a5a9fbcf83b5879d788aa2a65c162da3aada72c448f812360568c1e1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Mon, 13 Jun 2022 11:07:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jun 2022 11:07:22 GMT
server: nginx
etag: "21803a1c8961eaf2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ca.topnews.media/wp-content/uploads/2022/06/1654570523_2741933.jpg>; rel="canonical"
content-length: 7338
expires: Wed, 12 Jun 2024 23:07:22 GMT

GET
H2 200 1648859439_censor_social.jpg
i0.wp.com/ca.topnews.media/wp-content/uploads/2022/04/ 121 KB
122 KB 8ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/ca.topnews.media/wp-content/uploads/2022/04/1648859439_censor_social.jpg?fit=1566%2C822&ssl=1

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

9fcb6ca161319bb76b76090ca8c15a155089e67c37746501d159bdd7f420624a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 13 Jun 2022 11:07:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 05 Jun 2022 18:02:53 GMT
server: nginx
etag: "1ee433f5851e8b15"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ca.topnews.media/wp-content/uploads/2022/04/1648859439_censor_social.jpg>; rel="canonical"
content-length: 124378
expires: Wed, 05 Jun 2024 06:02:53 GMT

GET
H2 200 eYvqzGbYloN_yQz3WKe9lT_VIVLouB0v.jpg
i0.wp.com/ca.topnews.media/wp-content/uploads/2022/05/ 41 KB
41 KB 8ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/ca.topnews.media/wp-content/uploads/2022/05/eYvqzGbYloN_yQz3WKe9lT_VIVLouB0v.jpg?fit=880%2C586&ssl=1

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a215939f66d5b7386b0318f276f78e8c614d3cf6571b17a753023bdc54a14a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 13 Jun 2022 11:07:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 05 Jun 2022 15:53:35 GMT
server: nginx
etag: "56e433e74ad8e2d3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ca.topnews.media/wp-content/uploads/2022/05/eYvqzGbYloN_yQz3WKe9lT_VIVLouB0v.jpg>; rel="canonical"
content-length: 41558
expires: Wed, 05 Jun 2024 03:53:35 GMT

GET
H2 200 1645197273-3481.jpg
i0.wp.com/ca.topnews.media/wp-content/uploads/2022/05/ 154 KB
154 KB 482ms
482ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/ca.topnews.media/wp-content/uploads/2022/05/1645197273-3481.jpg?fit=1200%2C803&ssl=1

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6c79e034ed0798a7bd8359147de6f5df860ede7024d5a8d9ea141487ae51edbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: MISS hhn 4
date: Mon, 13 Jun 2022 11:07:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jun 2022 11:07:22 GMT
server: nginx
etag: "1ab404ebd288a518"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ca.topnews.media/wp-content/uploads/2022/05/1645197273-3481.jpg>; rel="canonical"
content-length: 157624
expires: Wed, 12 Jun 2024 23:07:22 GMT

GET
H2 200 7344190_fb_image_ukr_2022_05_05_12_12_42.png
i0.wp.com/ca.topnews.media/wp-content/uploads/2022/05/ 12 KB
12 KB 302ms
302ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/ca.topnews.media/wp-content/uploads/2022/05/7344190_fb_image_ukr_2022_05_05_12_12_42.png?fit=1200%2C630&ssl=1

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f63098aeca2e2c973bba8c9537e71f7639db38907861b8ebbf8385cf682a5b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Mon, 13 Jun 2022 11:07:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jun 2022 11:07:22 GMT
server: nginx
etag: "8b42fdc604ef8c75"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ca.topnews.media/wp-content/uploads/2022/05/7344190_fb_image_ukr_2022_05_05_12_12_42.png>; rel="canonical"
content-length: 11934
expires: Wed, 12 Jun 2024 23:07:22 GMT

GET
H2 404 1644169986-2968.jpg
i0.wp.com/ca.topnews.media/wp-content/uploads/2022/03/ 65 B
65 B 178ms
178ms Image
text/html 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.wp.com/ca.topnews.media/wp-content/uploads/2022/03/1644169986-2968.jpg?fit=1200%2C799&ssl=1
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: i2.wp.com
Software: nginx /
Resource Hash: 3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Mon, 13 Jun 2022 11:07:22 GMT
server: nginx
content-type: text/html; charset=utf-8

GET
H2 200 1653094646_moskovskyj-patriarhat-vyznaly-vorozhoyu-spilnotoyu-na-monastyryshhyni.jpeg
i0.wp.com/ca.topnews.media/wp-content/uploads/2022/05/ 16 KB
16 KB 259ms
259ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/ca.topnews.media/wp-content/uploads/2022/05/1653094646_moskovskyj-patriarhat-vyznaly-vorozhoyu-spilnotoyu-na-monastyryshhyni.jpeg?fit=660%2C371&ssl=1

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

668f210df4e065e8481777c2a097c65903b341066a87a7f06997926dc0d36615

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: MISS hhn 4
date: Mon, 13 Jun 2022 11:07:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jun 2022 11:07:22 GMT
server: nginx
etag: "ac8410a62209ea86"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ca.topnews.media/wp-content/uploads/2022/05/1653094646_moskovskyj-patriarhat-vyznaly-vorozhoyu-spilnotoyu-na-monastyryshhyni.jpeg>; rel="canonical"
content-length: 16346
expires: Wed, 12 Jun 2024 23:07:22 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame EE8D 0
17 B 18ms
8ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ca.topnews.media
Referer: https://ca.topnews.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://ca.topnews.media
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 11:07:22 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AA51 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQN3rahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMACT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeWuYryuBpwhaWmbmtZ2RvGnquPWIKe9nfJSY7-NFJi-AAK5IVHzqABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMzU1MDM1Nzg3ODQ1NDExGAA&sigh=ErPDInLkEzA&uach_m=[UACH]&cid=CAQSPACNIrLMVn8LHJIKLOYW2LxefscorEpfuefJFk-zMJeftg2DQ1sBNeSBfod_kt-aCmVL7ilKV5u6cikFfxgB

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=7802967237&adk=3806675401&adf=2653011959&pi=t.ma~as.7802967237&w=388&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=388x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442210&bpp=6&bdt=2411&idt=6&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wt4hBGKIWe&p=https%3A//ca.topnews.media&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 13 Jun 2022 11:07:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame AA51 0
0 46ms
18ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hm8cvb58rej919qv6872abf5rm5yzkcnrfsm8g6rw64bqbv2qfd2s6shc7pm68eh68g7bcttnk63avejkcxg9jnm5bbn608gg65vksc3810jtpewj96dp0j9ksmebaqjjwy6gx0ge8tjcg5vnfeyaew41577md31js05snrgt4ncqa76anhj7jscbyg2rcd6ys260h6x9mpvttbzngpsvpsqvm3rgwkvjbrbp63ejqp3fgk2xp9h6zy4wmprarpztgpt3sdyxan8te1km7q19f0z47rb9f96mjw546945rfkdkz1qccsf76xgzc3kgfxjcdjgy5pxnv8rs2a1z58gz06ghbnncpr69g3twkva6fqreqf1anehghc2jdaeg6cvvdttfqfrhm5gbc5fypyd0&b=YqcaagAE6h8GrRCzAA3vJdlTtef1zrNNn-ZNyQ
Requested by: Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Jun 2022 11:07:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 58BE 2 KB
3 KB 49ms
22ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hzsx4zf4f11h4s7a907hcvbam80h8s8vq2txx024he0kkqmvwrbh7jsfznwp1gk1deb8swpmnmxrv4drsxxwf4t1ear7mszbsn12xmr1nzp6arbbkrabjeav6zxptdh2a4106xaqf5r5f82c99rx228wymg21vamw0jbmzdcg6zpb4jke56059m0nn5dp28wx2y4wc1d1yr6excmdhmknhxm2htz9zwpz01y3nhmngevyxsab59j77rw91x916kda82krg0hsa4bzfhynxtexxtkwnm8he7hb8mnj02t56tejntw8vrhy8mp29yb39c63maa4dbykj2s4thgwz5pnr3vwjmdy4cjb4q39e8htmnyk7fhcmg75vndxkytk8hpt80s1ed0q3gzzkz9a83v2te4fv4qjqzcm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%26client%3Dca-pub-3355035787845411%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=7802967237&adk=3806675401&adf=2653011959&pi=t.ma~as.7802967237&w=388&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=388x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442210&bpp=6&bdt=2411&idt=6&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wt4hBGKIWe&p=https%3A//ca.topnews.media&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d754ccac04fff1aeef9f9555514b33b85ec9a18ad25e03db0dfe223dbe3ed662

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 71aa5cbc3e799061-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 11:07:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame AA51 3 KB
1 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Jun 2022 11:07:12 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0CF1 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 14 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA51 138 KB
43 KB 47ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43429
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654688687962514"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 11:07:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame AA51 17 KB
8 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Jun 2022 11:06:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AA51 0
0 41ms
16ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3_njcV6Ai9S1Gr24sSPvuFxHefJsvGuAhE6Y3s4_mpsVdeM1exOxnFmDsP3jZAaTJzIg3vobz0xshqzw9syDwSHzYLg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=7802967237&adk=3806675401&adf=2653011959&pi=t.ma~as.7802967237&w=388&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=388x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442210&bpp=6&bdt=2411&idt=6&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wt4hBGKIWe&p=https%3A//ca.topnews.media&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0CF1 35 B
463 B 46ms
11ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFxlRYl8kVjoxTDRKELSOX8&google_cver=1&google_push=ARnp8GB8p4OIjan1s7kBsAncfmrNJq073dbhSA3timAcqQpIeW3NXjOgvI2M-6PvrlE0nvgUd3ZcAkupPp72Iw0PC3hZcUZtT1w

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 0CF1 0
98 B 41ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GAsbrKalAh8yg_rx2Tc1clT67bNVYefWVZTzk_6JdziqPZUTAEhmo03cvERn3WvW20RokRo4fdhk58I9V941Cf3Zh404SY&google_gid=CAESEFStU-fNVzAlqU2gfGUU9Lk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=7802967237&adk=3806675401&adf=2653011959&pi=t.ma~as.7802967237&w=388&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=388x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442210&bpp=6&bdt=2411&idt=6&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wt4hBGKIWe&p=https%3A//ca.topnews.media&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 0CF1 43 B
641 B 134ms
106ms Image
image/gif 35.190.90.30
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEEzs7Qu1Et0xqn3HGY0GUPE&google_push=ARnp8GByw9mMUmJEfPGFl72LhDGfXtdISs1nKw1DxLDlpdlYGNiDq9InYkdgb6DWDOdeemdk_m1n3UdwGwE0i-hhCiUuAR2i4jU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=7802967237&adk=3806675401&adf=2653011959&pi=t.ma~as.7802967237&w=388&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=388x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442210&bpp=6&bdt=2411&idt=6&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wt4hBGKIWe&p=https%3A//ca.topnews.media&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.90.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.90.190.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:22 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 0CF1 43 B
350 B 46ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFjOvN-KlRLKkirUTvtRRm0&google_cver=1&google_push=ARnp8GCzzOYJLhez-sFawvTfh7Bwi7o_96fjGSodDqoWpyY5RO8MFWpM-SYLkg6VOIX5c1j-VlPG45gypN81qrzW9bj3zDibVcA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=7802967237&adk=3806675401&adf=2653011959&pi=t.ma~as.7802967237&w=388&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=388x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442210&bpp=6&bdt=2411&idt=6&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wt4hBGKIWe&p=https%3A//ca.topnews.media&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 1oc8shgs0qe4c41cabja7hhv1339ipv7

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CF1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dcg5DCtrSOSrUwc-roXa2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

23ms
23ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dcg5DCtrSOSrUwc-roXa2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCQPU7zSocgmOMDg_-n40McTsWtkhn17fxL4J2KSEH38tin6BuokKBdvbN6KIjS7agkt684ve8jdZva_8U_PqSv0GnHuxE

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dcg5DCtrSOSrUwc-roXa2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCQPU7zSocgmOMDg_-n40McTsWtkhn17fxL4J2KSEH38tin6BuokKBdvbN6KIjS7agkt684ve8jdZva_8U_PqSv0GnHuxE
date: Mon, 13 Jun 2022 11:07:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CF1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELXhvpy6ikFYE5XSBuFHX20&google_cver=1&google_push=ARnp8GA-P3AfXR3o0anQsGsqxXtPrDbCiPdulSRoKzVsDplRHQqbOjTsX9GhwdN8yBiCm_Pxeo9...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRDTVNDMEctMVctSzFHQw==&google_push=ARnp8GA-P3AfXR3o0anQsGsqxXtPrDbCiPdulSRoKzVsDplRHQqbOjTsX9GhwdN8yBiCm_Pxeo9YvrW0O5789G4ETNNH75cb6UA

170 B
188 B

44ms
28ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRDTVNDMEctMVctSzFHQw==&google_push=ARnp8GA-P3AfXR3o0anQsGsqxXtPrDbCiPdulSRoKzVsDplRHQqbOjTsX9GhwdN8yBiCm_Pxeo9YvrW0O5789G4ETNNH75cb6UA

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRDTVNDMEctMVctSzFHQw==&google_push=ARnp8GA-P3AfXR3o0anQsGsqxXtPrDbCiPdulSRoKzVsDplRHQqbOjTsX9GhwdN8yBiCm_Pxeo9YvrW0O5789G4ETNNH75cb6UA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CF1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAdtOiXo72cLvAFDe4zg-KQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAdtOiXo72cLvAFDe4zg-KQ&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqcaauDc7SOI4Vk44E4UXAAABK4AAAIB&google_push=ARnp8GAbRLWcmTUOxrHHadM91WzLp7iK72gfZNJ1-Q2lmu4GTCdQfxmA_-2bvErGiHKYwHowzUkpCDcdw6D_0juzfM...

170 B
188 B

19ms
18ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqcaauDc7SOI4Vk44E4UXAAABK4AAAIB&google_push=ARnp8GAbRLWcmTUOxrHHadM91WzLp7iK72gfZNJ1-Q2lmu4GTCdQfxmA_-2bvErGiHKYwHowzUkpCDcdw6D_0juzfMffs3u5iQ&google_cver=1&google_gid=CAESEAdtOiXo72cLvAFDe4zg-KQ

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 11:07:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqcaauDc7SOI4Vk44E4UXAAABK4AAAIB&google_push=ARnp8GAbRLWcmTUOxrHHadM91WzLp7iK72gfZNJ1-Q2lmu4GTCdQfxmA_-2bvErGiHKYwHowzUkpCDcdw6D_0juzfMffs3u5iQ&google_cver=1&google_gid=CAESEAdtOiXo72cLvAFDe4zg-KQ
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Mon, 13 Jun 2022 11:07:22 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0CF1 0
232 B 67ms
16ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAjW0IruhgHxwIfW55jK9iD8wSxp0UGcq6zsONuK9Zv5MEXMiiDfozogruuOo5GOIxtNU_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.20/one-ad/ Frame 58BE 85 KB
11 KB 40ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hzsx4zf4f11h4s7a907hcvbam80h8s8vq2txx024he0kkqmvwrbh7jsfznwp1gk1deb8swpmnmxrv4drsxxwf4t1ear7mszbsn12xmr1nzp6arbbkrabjeav6zxptdh2a4106xaqf5r5f82c99rx228wymg21vamw0jbmzdcg6zpb4jke56059m0nn5dp28wx2y4wc1d1yr6excmdhmknhxm2htz9zwpz01y3nhmngevyxsab59j77rw91x916kda82krg0hsa4bzfhynxtexxtkwnm8he7hb8mnj02t56tejntw8vrhy8mp29yb39c63maa4dbykj2s4thgwz5pnr3vwjmdy4cjb4q39e8htmnyk7fhcmg75vndxkytk8hpt80s1ed0q3gzzkz9a83v2te4fv4qjqzcm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%26client%3Dca-pub-3355035787845411%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8965ee1f9673ae2ab083ee9c063eea7eb04aef2e756a7e46f58337bb1caef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hzsx4zf4f11h4s7a907hcvbam80h8s8vq2txx024he0kkqmvwrbh7jsfznwp1gk1deb8swpmnmxrv4drsxxwf4t1ear7mszbsn12xmr1nzp6arbbkrabjeav6zxptdh2a4106xaqf5r5f82c99rx228wymg21vamw0jbmzdcg6zpb4jke56059m0nn5dp28wx2y4wc1d1yr6excmdhmknhxm2htz9zwpz01y3nhmngevyxsab59j77rw91x916kda82krg0hsa4bzfhynxtexxtkwnm8he7hb8mnj02t56tejntw8vrhy8mp29yb39c63maa4dbykj2s4thgwz5pnr3vwjmdy4cjb4q39e8htmnyk7fhcmg75vndxkytk8hpt80s1ed0q3gzzkz9a83v2te4fv4qjqzcm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%26client%3Dca-pub-3355035787845411%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 501000
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86961
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Tue, 07 Jun 2022 15:57:22 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 71aa5cbc88859159-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 58BE 36 KB
13 KB 28ms
16ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hzsx4zf4f11h4s7a907hcvbam80h8s8vq2txx024he0kkqmvwrbh7jsfznwp1gk1deb8swpmnmxrv4drsxxwf4t1ear7mszbsn12xmr1nzp6arbbkrabjeav6zxptdh2a4106xaqf5r5f82c99rx228wymg21vamw0jbmzdcg6zpb4jke56059m0nn5dp28wx2y4wc1d1yr6excmdhmknhxm2htz9zwpz01y3nhmngevyxsab59j77rw91x916kda82krg0hsa4bzfhynxtexxtkwnm8he7hb8mnj02t56tejntw8vrhy8mp29yb39c63maa4dbykj2s4thgwz5pnr3vwjmdy4cjb4q39e8htmnyk7fhcmg75vndxkytk8hpt80s1ed0q3gzzkz9a83v2te4fv4qjqzcm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%26client%3Dca-pub-3355035787845411%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff0d4da2bf6d1e6dfd402f2336013c94dc4af4ece767367ab66e9f0d35c2459c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=8tWKlw==, md5=6aWQ1AqH0xLbzdUzNXv+Gg==
date: Mon, 13 Jun 2022 11:07:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82248
x-guploader-uploadid: ADPycdvD1eKacSKB7AnmTTV9M610NFKgbEJi4k9s-819rBQOSFvbSH7SySyIA6vWp-mefhV2eSi322pgzCm9X2DBWJXwi4-zrNq-
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Jun 2022 12:16:17 GMT
server: cloudflare
etag: W/"e9a590d40a87d312dbcdd533357bfe1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73m%2FkDCf081J3t9zHeVqJBeIMyiVFzjJF9VswkShPEcxi0PlwM9QiEyXvUK0G1tuV7O01GVHpKQLKkg79mtoJJBdGVS2dz6%2FAD2PtRGmfLWLFaHFh2%2ByLL1DeD4aMKKCQXtgYu4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1654863377140818
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11896
cf-ray: 71aa5cbc7eda9061-FRA
expires: Sun, 12 Jun 2022 12:16:34 GMT

GET
DATA 200
OK truncated
/ Frame AA51 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80b5d4915e17f9a3d3b044c26d796781f612a82921afba5859481e570aa36599

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 58BE 3 KB
4 KB 59ms
19ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 13 Jun 2022 11:07:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12014939
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60pyRa7ziHMwRaBkClGl14BKqBhrZ7HU1lmW2eokqC6ova61YB42Wtx83l2IL6zkbGYxbNi2tBllz3V8rLkWMSVwmNTeOxTuNFXZH6wyzckj1%2B8mTLQqBpV%2BXdogINhw83UB5%2BAKHLFm%2BjxTxUVtSkpH"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 71aa5cbcfbc291d8-FRA
expires: Wed, 25 Jan 2023 09:38:24 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 4316 2 KB
2 KB 19ms
19ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1309121
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 71aa5cbcb9239159-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 13 Jun 2022 11:07:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 13 Jun 2022 12:07:23 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCEsqtNGQRop7aJlfLvgM561Brkxdm0E6EMFlhhLLYsCM%2FBD%2BlWWPg%2FdUHYb2t3RShJrIkAc3MRx95QpAWh82Yf9ZjM02kMhUSELXx%2FrXSnXrC1oWurIAGTFSFLLx4rqMNJXf78%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycds-8sQtq3wpa_8FZA4_lJm2l0V1rVRE94pQrLxNSzcoOyWFTKcSCQQ1tfbcjuocIbHYIVQdYrNUUHn7EVvK_wY

POST
H3 200 rs Show response
ad4m.at/ Frame 58BE 2 KB
2 KB 34ms
33ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae86fb1e494e438623b8f18c5318c0fa642119394c29b146ea95d80290401ecf

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 71aa5cbd3dcb9b71-FRA
date: Mon, 13 Jun 2022 11:07:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVxYi7lyVpcd8MgjwKJ9ml2SofDiP6jiY4bW34oGb%2BMQhFtjAkM07v5MbToWxuCUkme%2FcjyI6kuA%2BpVakQYwFfjS26H%2FYgoSeV3FO5Y9x8G8sO8WaOUYHxDrMrVAV%2B5smyYu%2BVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-vqzd

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 40ms
28ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71aa5cbd0d849b71-FRA
content-length: 24
content-type: text/plain
date: Mon, 13 Jun 2022 11:07:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqAGpvN%2Bwe1s77nLUJHeSYr1%2FRUFqOMtXyWRhtcMHvIVmjRQfmvLYxUZhChshh4YQytzQsBg8A43mQrZPluCtt73Wv1JdT5jEu%2B9RhMQIoTypxAqZjO4gdkAG8g5Bl2qMFartrg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-vqzd

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 8C4A 3 KB
1 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=9092794331&adk=92259808&adf=2442409221&pi=t.ma~as.9092794331&w=1200&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442326&bpp=1&bdt=2526&idt=2&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0%2C388x280&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3nVaI2Bpgy&p=https%3A//ca.topnews.media&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Jun 2022 11:07:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C4A 138 KB
42 KB 47ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43429
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654688687962514"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 11:07:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 8C4A 17 KB
7 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Jun 2022 11:06:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8C4A 0
0 35ms
16ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXbE-pajDwct2RowX4ssy_HYPoq1-itJ9uSr-ogKOiiF81ymlIQ9C7Rlo4P5zOrg6a3KL-9uNHW8ZgRElyXLOOHRIzgA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=9092794331&adk=92259808&adf=2442409221&pi=t.ma~as.9092794331&w=1200&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442326&bpp=1&bdt=2526&idt=2&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0%2C388x280&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3nVaI2Bpgy&p=https%3A//ca.topnews.media&dtd=25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C4A 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Caw1mahqnYunZNtiqtwfP6ajICMme0rFc9ZHevrEBwI23ARABIABglfKwgrgHggEXY2EtcHViLTMzNTUwMzU3ODc4NDU0MTGgAdW20uoDyAEJqQJHg1yb0Y2xPqgDAaoEwQJP0Hbxfy4byyBmWzjd-OG3Oa8kfGJSkHjQlDADRatiX2kFAw_3saL6fIrvsRo8hXeb0y5JxYeMxWq40lBHbDWDIxE8fJuywR9s6FzJ4_0IWWyDDe2_ilYtLsNhLJefwXq9CsO04kxl7-l4aCUPlD3AlI-oHaraalNNFICNUM1n9vw7pnbZWYl3xOx3xa3FhCkn9OPV9rfrEa6CtOOQg-a3RcOK2lCjzq0denBOwqDu1ipOa2CtF7w3-d08NbKvcOQD4l3pn8Vuqr8999nxcdcWM-ztyvs8L521en_1PLLkhQUaN7sZjYSHqHGAdxQDO31iF4IKhRJ2pzi39tk0lMRsGKlU1Uy0Xak2-j6Y9ZCofAuHVwphFVbd6_y3Gdu1rF7J01TSfKalbKDwlkLoUpwIxCuLbNs5fVJGSqUVDBWST3KABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMzNTUwMzU3ODc4NDU0MTEYAA&sigh=lEwVgPiA5B0&uach_m=[UACH]&cid=CAQSPACNIrLMpXcJIQfOpAUZUvDZrnEc_tD0cC1Hp34TGjphoCNoaKhmGLI6GFjSxa5IynFyKcAL5JB2tX55oBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=9092794331&adk=92259808&adf=2442409221&pi=t.ma~as.9092794331&w=1200&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442326&bpp=1&bdt=2526&idt=2&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0%2C388x280&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3nVaI2Bpgy&p=https%3A//ca.topnews.media&dtd=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 13 Jun 2022 11:07:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 8C4A 0
0 51ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kfi0Ecz6RLAJmAKdg2ICAgAAACbGV41E9812cNRnexBqGqdiuVliyIQ_vJ3b8S0AEgAA&wp=YqcaagANrOkK7dVYAAo0z9yhtZIPt4bvR1U6Eg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:22 GMT
server: Kestrel
server-processing-duration-in-ticks: 261890
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9D23 165 KB
52 KB 121ms
78ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YqcaagANrOkK7dVYAAo0z9yhtZIPt4bvR1U6Eg&u=%7Cft7ZCjuJwTLQKb89XhrMpeoHgJVe5PxthY9EqEB6Fpk%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdgtBH6KllqllAY4WLkl56pRWPZRFcFl5ac0_uOlWYITUqgc9NZeQ1DSoHMRODarEMaP3KaGClxug4QwEJcSa9sTSrdEWgGeji2-maVDV7DHYr3zKBgwlBqXjMjCP04sno6CKTbsykSLSBOkPrDtShYHVYnG9cIyfM0ww0mavECGIk-pLznHz9NGM_OWyalOenD3WehuJqDiMddi2pMZuiwk2FQdyLTm5iZxE7MPu6S9eaSaVvJWxIklThR2S5LkTXnNLTOfkzuFNy5h8cTkgS9UJrpS4k0IdkVStkvmqDubeMF_g0H8ZmZhyhLM7yz4rg21k_ldydx9wKR9pbqclALq4eovgdcMnKTA7zPI5XwWHirngCZqqHFC3bn6K6d7xUwhpdgqzg1F6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa9rrahqnYunZNtiqtwfP6ajICMme0rFc9ZHevrEBwI23ARABIABglfKwgrgHggEXY2EtcHViLTMzNTUwMzU3ODc4NDU0MTGgAdW20uoDyAEJqQJHg1yb0Y2xPqgDAaoExAJP0Hbxfy4byyBmWzjd-OG3Oa8kfGJSkHjQlDADRatiX2kFAw_3saL6fIrvsRo8hXeb0y5JxYeMxWq40lBHbDWDIxE8fJuywR9s6FzJ4_0IWWyDDe2_ilYtLsNhLJefwXq9CsO04kxl7-l4aCUPlD3AlI-oHaraalNNFICNUM1n9vw7pnbZWYl3xOx3xa3FhCkn9OPV9rfrEa6CtOOQg-a3RcOK2lCjzq0denBOwqDu1ipOa2CtF7w3-d08NbKvcOQD4l3pn8Vuqr8999nxcdcWM-ztyvs8L521en_1PLLkhQUaN7sZjYSHqHGAdxQDO31iF4IKhRJ2pzi39tk0lMRsGKlU1Uy0Xak2-j6Y9ZCofAuHVwphFVbd6_y3W9mUPtlGT0dt4LIGvJ1Wbkv8WCoC6jMJ2BME26D5VIkNib8WXM0qNjSABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2T2GyVukAT1LE7MLUxZHE91WO1-Q%26client%3Dca-pub-3355035787845411%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8a141fe46f7146a6a9f1f18661ef2225f2700fc996450679b7791126c5000d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 11:07:22 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=hsz55bHDFtdAkwDx1IxlsLCCCzcxZveyvdBBbVZEqnZYvxIvTZSOi26Sok_GVXaNykzrh3OKCg5InsfPeX29QXRC1UkxkNK5TJ2Hg1ZC-njqtg0DL8JHwp5wu1qiP_SjYxV8XSRPfRU99dg614uF68yc_QFT1pWBSK2Q-OE68iHs49iX-ZmJm103uAwE4KJpFMf7-1cdPSuZmynSntsIQoIZO0_eC86EI7QqBNzECnFbC_nG2j65A8uZFCf7hC9WwCzU6Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 63678397
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7B2C 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 14 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B2C
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFxlRYl8kVjoxTDRKELSOX8&google_cver=1&google_push=ARnp8GCvRm2xvcdV0A55ig8N2h4N2SZFbYAkkAZgczVlHmwZcSXYufls4y...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GCvRm2xvcdV0A55ig8N2h4N2SZFbYAkkAZgczVlHmwZcSXYufls4y_Gp1xU7PfgiWD1CMRh0qVOGm2DUSnZqe8iN-b7uBYY&google_hm=4Bo4VghE_Sr-...

170 B
188 B

18ms
18ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GCvRm2xvcdV0A55ig8N2h4N2SZFbYAkkAZgczVlHmwZcSXYufls4y_Gp1xU7PfgiWD1CMRh0qVOGm2DUSnZqe8iN-b7uBYY&google_hm=4Bo4VghE_Sr-M5jm8t4szw

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GCvRm2xvcdV0A55ig8N2h4N2SZFbYAkkAZgczVlHmwZcSXYufls4y_Gp1xU7PfgiWD1CMRh0qVOGm2DUSnZqe8iN-b7uBYY&google_hm=4Bo4VghE_Sr-M5jm8t4szw
pragma: no-cache
date: Mon, 13 Jun 2022 11:07:23 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B2C
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GDZwHVeu14g3Pq4O5cmCFpK6Q-fk8EY3AgNKK8...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXFjYWF3QUFBZG5AeVh1VQ&google_push=ARnp8GDZwHVeu14g3Pq4O5cmCFpK6Q-fk8EY3AgNKK8RFMMXoppXOmrp-1zaOBKAbs5QAy2wnbDFoJ9WwnynUlbUfPjWwL7nrPc

170 B
188 B

19ms
19ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXFjYWF3QUFBZG5AeVh1VQ&google_push=ARnp8GDZwHVeu14g3Pq4O5cmCFpK6Q-fk8EY3AgNKK8RFMMXoppXOmrp-1zaOBKAbs5QAy2wnbDFoJ9WwnynUlbUfPjWwL7nrPc

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXFjYWF3QUFBZG5AeVh1VQ&google_push=ARnp8GDZwHVeu14g3Pq4O5cmCFpK6Q-fk8EY3AgNKK8RFMMXoppXOmrp-1zaOBKAbs5QAy2wnbDFoJ9WwnynUlbUfPjWwL7nrPc
Date: Mon, 13 Jun 2022 11:07:23 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B2C
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDihoFe...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDihoFe...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MTMxMTA3MjMwMDA2NDMwODcxNjkzMQ%3D%3D&google_push=ARnp8GDihoFe1zeMkkpBTH0Yg28sdcowTRj9MdCF6MXLf1db_7VaTjN4fpmjTuJONGFEQ2...

170 B
188 B

19ms
19ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MTMxMTA3MjMwMDA2NDMwODcxNjkzMQ%3D%3D&google_push=ARnp8GDihoFe1zeMkkpBTH0Yg28sdcowTRj9MdCF6MXLf1db_7VaTjN4fpmjTuJONGFEQ2P88a-MXiANW3uzFGcnstPsTmtLmsM

Requested by

Host: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MTMxMTA3MjMwMDA2NDMwODcxNjkzMQ%3D%3D&google_push=ARnp8GDihoFe1zeMkkpBTH0Yg28sdcowTRj9MdCF6MXLf1db_7VaTjN4fpmjTuJONGFEQ2P88a-MXiANW3uzFGcnstPsTmtLmsM
pragma: no-cache
date: Mon, 13 Jun 2022 11:07:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 13 Jun 2022 11:07:23 GMT

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame 7B2C 43 B
64 B 114ms
105ms Image
image/gif 35.190.90.30
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEEzs7Qu1Et0xqn3HGY0GUPE&google_push=ARnp8GAVgZ3RF9D_6JrZD2urh9gr8FDU4NN8rIKVyzwA0RazIqF3_s6aSi1xesA-rAxmBwG8AFzZD34guIWFpwxdPSqJFMdqahA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355035787845411&output=html&h=280&slotname=9092794331&adk=92259808&adf=2442409221&pi=t.ma~as.9092794331&w=1200&fwrn=4&fwrnh=100&lmt=1655118442&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fca.topnews.media%2Fukraine%2Fpfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655118442326&bpp=1&bdt=2526&idt=2&shv=r20220608&mjsv=m202206080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc36950a3436e84fe-226a4c21afcd0047%3AT%3D1655118440%3ART%3D1655118440%3AS%3DALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg&prev_fmts=0x0%2C388x280&nras=1&correlator=2742373256719&frm=20&pv=1&ga_vid=1712750863.1655118440&ga_sid=1655118440&ga_hid=2027121064&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761793%2C44761044%2C31067527%2C31067768%2C31067966%2C31062931&oid=2&pvsid=4170819966367376&tmod=411997247&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3nVaI2Bpgy&p=https%3A//ca.topnews.media&dtd=25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.90.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.90.190.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:23 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B2C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dcg5DCtrSOSrUwc-roXa2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

19ms
19ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dcg5DCtrSOSrUwc-roXa2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDaEztf_C-HzGiLlJJNxB4DvkZTv5GBJR9cnseW1pP4vbg2BdBfcfmNj-IBKjOHIkFVS_jXZIKEHD9dkcCr6wol4y03R5Ur

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dcg5DCtrSOSrUwc-roXa2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDaEztf_C-HzGiLlJJNxB4DvkZTv5GBJR9cnseW1pP4vbg2BdBfcfmNj-IBKjOHIkFVS_jXZIKEHD9dkcCr6wol4y03R5Ur
date: Mon, 13 Jun 2022 11:07:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B2C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELXhvpy6ikFYE5XSBuFHX20&google_cver=1&google_push=ARnp8GAWMxdgUURh-jse6-Uw3BjZkKEJTso18FDUa-9uJcGvtV2fXjeNrXmyQ5MU0Q4DX0m118L...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRDTVNDNDMtMjMtSDJIRg==&google_push=ARnp8GAWMxdgUURh-jse6-Uw3BjZkKEJTso18FDUa-9uJcGvtV2fXjeNrXmyQ5MU0Q4DX0m118LjAKNX22hTBc3Gi7u5Y8B9KUDE

170 B
188 B

18ms
18ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRDTVNDNDMtMjMtSDJIRg==&google_push=ARnp8GAWMxdgUURh-jse6-Uw3BjZkKEJTso18FDUa-9uJcGvtV2fXjeNrXmyQ5MU0Q4DX0m118LjAKNX22hTBc3Gi7u5Y8B9KUDE

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRDTVNDNDMtMjMtSDJIRg==&google_push=ARnp8GAWMxdgUURh-jse6-Uw3BjZkKEJTso18FDUa-9uJcGvtV2fXjeNrXmyQ5MU0Q4DX0m118LjAKNX22hTBc3Gi7u5Y8B9KUDE
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7B2C 0
12 B 16ms
15ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jbzl3lq7f0FB1h4iWe3Qx4oaV043_crRjCmriMb1BExQRHCBAtFqLwQwKAK7t8mA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame D1D4 11 KB
5 KB 44ms
42ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=1poABODXc6uBLerpCtBOkbASyYtzBjBf&g=e6063f3cded143a1fecefe3bd5a1a94a%2F6001507813752181719&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1655118443095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%2526client%253Dca-pub-3355035787845411%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28970b3fd166fd5216e0053b5f336e8808e7c73b9787b8184904758a9636b094

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hzsx4zf4f11h4s7a907hcvbam80h8s8vq2txx024he0kkqmvwrbh7jsfznwp1gk1deb8swpmnmxrv4drsxxwf4t1ear7mszbsn12xmr1nzp6arbbkrabjeav6zxptdh2a4106xaqf5r5f82c99rx228wymg21vamw0jbmzdcg6zpb4jke56059m0nn5dp28wx2y4wc1d1yr6excmdhmknhxm2htz9zwpz01y3nhmngevyxsab59j77rw91x916kda82krg0hsa4bzfhynxtexxtkwnm8he7hb8mnj02t56tejntw8vrhy8mp29yb39c63maa4dbykj2s4thgwz5pnr3vwjmdy4cjb4q39e8htmnyk7fhcmg75vndxkytk8hpt80s1ed0q3gzzkz9a83v2te4fv4qjqzcm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%26client%3Dca-pub-3355035787845411%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 71aa5cbd7af59159-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 11:07:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 8C4A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91bcabaf0d2eea9bb11217064bc9156d88ad4002676aff96aa6b374fe1ece3a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.20/one-ad/ Frame D1D4 85 KB
11 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=1poABODXc6uBLerpCtBOkbASyYtzBjBf&g=e6063f3cded143a1fecefe3bd5a1a94a%2F6001507813752181719&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1655118443095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%2526client%253Dca-pub-3355035787845411%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8965ee1f9673ae2ab083ee9c063eea7eb04aef2e756a7e46f58337bb1caef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=1poABODXc6uBLerpCtBOkbASyYtzBjBf&g=e6063f3cded143a1fecefe3bd5a1a94a%2F6001507813752181719&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1655118443095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%2526client%253Dca-pub-3355035787845411%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 501001
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86961
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Tue, 07 Jun 2022 15:57:22 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 71aa5cbdcbc39159-FRA
cf-bgj: minify

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame D1D4 8 KB
9 KB 29ms
19ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=1poABODXc6uBLerpCtBOkbASyYtzBjBf&g=e6063f3cded143a1fecefe3bd5a1a94a%2F6001507813752181719&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1655118443095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%2526client%253Dca-pub-3355035787845411%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Mon, 13 Jun 2022 11:07:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 297362
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdt3T057KhRd8Z4mMGXcZ7CI8Q8sZC_7tOJfBJJPOu8bkF_lmFif6HbJjAMDjSevJET0FSHmLCwmDNmDW_inWSDswA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NW98Qlguc6hJwNaruSP0kpbALJYe0B%2BYtK%2FD4aOy5rIoLienm07T0k3tfQSaGaZBn8RRR22hSPKQ5UNXnsL1xoI%2BbbrerkD4t4yf%2F%2BCeak9d4vNECdKlvc7N%2BTtT3KlT0b2XkDxZQWHmtRjX"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Tue, 14 Jun 2022 11:07:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 71aa5cbdd8cd9061-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame D1D4 93 KB
94 KB 38ms
30ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=1poABODXc6uBLerpCtBOkbASyYtzBjBf&g=e6063f3cded143a1fecefe3bd5a1a94a%2F6001507813752181719&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1655118443095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%2526client%253Dca-pub-3355035787845411%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=kgeS2g==, md5=b93XIEsKCkA/WEJIvaEtcg==
date: Mon, 13 Jun 2022 11:07:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 296084
cf-polished: origFmt=png, origSize=155400
x-guploader-uploadid: ADPycdvCofEwWcwRbV-U3kMWP2MkO6r6tNLHw6dkeu5lQzT2_l0wgb5jhe3YyjcAgRv1SCN6SqfGTXJkAGUh9HIhq7malg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95550
last-modified: Thu, 24 Mar 2022 15:45:36 GMT
server: cloudflare
etag: "6fddd7204b0a0a403f584248bda12d72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cMp%2FOH8wT2IvzQearA3O91bNy5syK6HltDArtYhlCUI%2BixzPatV4UUwKKvU4KRevx94Ad0u2gJqpSDAlm%2BJbm5OLD%2BASnIPISXYnq8Uw2IO6iMMPE1htGOrz7BS3jlbwD%2FcFCjBnCrUIIMr"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648136736276206
content-type: image/webp
expires: Tue, 14 Jun 2022 11:07:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 155400
accept-ranges: bytes
cf-ray: 71aa5cbdd8c99061-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame D1D4
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNGz-dakqvgCFRRB4AodLPIMGQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1655118443_003e2af0-eb09-11ec-9580-2234796a82c3

0
518 B

33ms
7ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1655118443_003e2af0-eb09-11ec-9580-2234796a82c3
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=1poABODXc6uBLerpCtBOkbASyYtzBjBf&g=e6063f3cded143a1fecefe3bd5a1a94a%2F6001507813752181719&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1655118443095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%2526client%253Dca-pub-3355035787845411%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 11:07:23 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Mon, 13 Jun 2022 11:07:23 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1655118443_003e2af0-eb09-11ec-9580-2234796a82c3
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame D1D4 38 KB
38 KB 37ms
30ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=1poABODXc6uBLerpCtBOkbASyYtzBjBf&g=e6063f3cded143a1fecefe3bd5a1a94a%2F6001507813752181719&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1655118443095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%2526client%253Dca-pub-3355035787845411%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Mon, 13 Jun 2022 11:07:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 298202
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdsp52cCyeyMqBPlUvdnS15Utyb3-bWk9Qbl9MgA4eQL6ZrYT2E0V4eGzvVMSDLzoKrZPIadn2O3R9tZKSjXoFUz7w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSNM0qhHX7HFSk0yOM%2Fx2KXD%2BqaVKHEND7M92rnANEk%2Biw1wQEwfi9cLr0xlt5cyJLqa0Zir%2FaVqlFfXgXJe7dLecFoBO%2B8SH4zZVYtke2H%2BoWU12TfDKRAuU9AbaWrea4cWJu%2FjdF%2BTCQxr"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Tue, 14 Jun 2022 11:07:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 71aa5cbdd8ce9061-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame D1D4 84 KB
84 KB 30ms
22ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=1poABODXc6uBLerpCtBOkbASyYtzBjBf&g=e6063f3cded143a1fecefe3bd5a1a94a%2F6001507813752181719&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1655118443095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%2526client%253Dca-pub-3355035787845411%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Mon, 13 Jun 2022 11:07:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1309117
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdu4nh5obCsLLSKtVW321FZH20V_oHseo8WCszOV5QRZyn8AI_p2Ga8U-RQdTMLH3UX-cvFr--pvECd8J4wOD0A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtVMAwKlfrCnqCK2Ps4YEhZ32beZ8QeMOA0vvvRVzptx6Fm%2B8I8JJ5CXp42uiSiXjdUvDLZuGV3eQKFjHyYaqAmup3zVfDfYCIiJEnPWC8Bwxh0nYFNkP0BcHeX3eODEtbdkLuBQr1W7SvbJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Tue, 14 Jun 2022 11:07:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 71aa5cbdd8d29061-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame D1D4 16 KB
16 KB 31ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=1poABODXc6uBLerpCtBOkbASyYtzBjBf&g=e6063f3cded143a1fecefe3bd5a1a94a%2F6001507813752181719&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1655118443095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%2526client%253Dca-pub-3355035787845411%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=kzpU3g==, md5=rZM0ZkUU2QCgw7dtF8qWDw==
date: Mon, 13 Jun 2022 11:07:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 296764
cf-polished: origFmt=png, origSize=39979
x-guploader-uploadid: ADPycdvC-tvGW_9pMga2QX2Z-d8xZA9i73Xf-XPkj-66PR54SEWviSncQTLCDMr3RPkksNQQdzR2C3EZwRwGJsYiI5MfbrNaRxFz
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mr6ASS%2FpF0UjiPE866HKe1X%2BT5Xvh9D7EwksbjzsKWYv3S2%2BiZnHYcH67F7SjCIDreVod6FhoRi2vVMh9Dq4BHAcPt2KhSXOI9XBgwNm%2F0wm%2F6WMzVSiMpIsSoPcPibQcwF8uEzZ37gYiBhx"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698475785088
content-type: image/webp
expires: Tue, 14 Jun 2022 11:07:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 39979
accept-ranges: bytes
cf-ray: 71aa5cbdd8d19061-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 CA35DB040CB8C5ED1192C48CDBAE325A37E21AF74F6A26D75DD2C8541657D2DE12CD68F68AB3432BF7F0B71244C3A958AD3C76971F8D26B170CD75EDB1D0FC90
assets.ad4m.at/ Frame D1D4 20 KB
21 KB 30ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/CA35DB040CB8C5ED1192C48CDBAE325A37E21AF74F6A26D75DD2C8541657D2DE12CD68F68AB3432BF7F0B71244C3A958AD3C76971F8D26B170CD75EDB1D0FC90
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=1poABODXc6uBLerpCtBOkbASyYtzBjBf&g=e6063f3cded143a1fecefe3bd5a1a94a%2F6001507813752181719&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1655118443095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%2526client%253Dca-pub-3355035787845411%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e68e40852527c1f28682b1c4a8715dcaba615264d92ec50615744a2c21e90a13

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=ms9cAg==, md5=CE5c7L5VWa5ws5REMc8kpA==
date: Mon, 13 Jun 2022 11:07:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 295461
cf-polished: qual=85, origFmt=jpeg, origSize=61317
x-guploader-uploadid: ADPycdt8rheCM-zy3y4FYd-rRKQ5WEqMh1MbJPnnHKytYHBK3mxoKgyqEdUU_p1HqOLl2XaSn6Cr_VqJaBtI6Qz1aTRFyA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20942
last-modified: Mon, 07 Oct 2019 09:26:20 GMT
server: cloudflare
etag: "084e5cecbe5559ae70b3944431cf24a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyLJMmGppV8sjl1LwKrDcXLYmLF8r05Ix17KP9LiYPdC0LHALn5YJkgtNaC0mK5AiQx0LA8s%2BVm5CC62M72zfgh06MWE%2FrQCpp07tpABxMY0apFgPu1bwCWy80RDt%2Fh1BmODwlE7aYG%2BI4Sl"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570440380010734
content-type: image/webp
expires: Tue, 14 Jun 2022 11:07:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 61317
accept-ranges: bytes
cf-ray: 71aa5cbdd8d49061-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

ztpv.php
www.conrad.de/ Frame D1D4
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuid1poABODXc6uBLerpCtBOkbASyYtzBjBfasuid__dc_reach_suite02wkz&gdpr_cons...
https://www.zenaps.com/cshow.php?pvr=0030e480-eb09-11ec-9435-22651120a0a6&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuid1poABODXc6uBLerpCtBOkbASyYtz...
https://www.conrad.de/ztpv.php?awc=11354_412871_1655118443_0030e480-eb09-11ec-9435-22651120a0a6&insert=AW&&gdpr=0&gdpr_consent=

0
915 B

69ms
41ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1655118443_0030e480-eb09-11ec-9435-22651120a0a6&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
via: 1.1 varnish (Varnish/6.6)
cf-cache-status: DYNAMIC
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=03Zgln4RX2YlKw7Mgln1o4dvjfTxLi4tp6XLK0Xp_L4-1655118443-0-AdTRcJhuhM0wPV-7yOB4aCGKkQRwxn1v8BJ_sW1PI4RFkPv26O7ycJqLHbQIguDhIQyeQXzgMWRNqRtwJTIaDz0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type: text/html; charset=UTF-8
content-encoding: br
cache-control: no-cache
x-varnish: 483023924
strict-transport-security: max-age=15552000
cf-ray: 71aa5cbeb9295c8c-FRA
expires: -1

Redirect headers

Date: Mon, 13 Jun 2022 11:07:23 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1655118443_0030e480-eb09-11ec-9435-22651120a0a6&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame D1D4 1 KB
2 KB 202ms
129ms Script
text/html 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9n447z2vn995wsa0knx7ykpfqqky2czz43jzxnz6v728xkr42m2wj0kh8j1c4exzxcts0pxykjtnfez7mqx0hx8679b95t1kgba8vs3zsryxfbaejr5kby7qttfazqadayd5zey16mhwc8p9yqp2zkphthk9wc82tdg1n8xa2b66752v2744tsn15ybgz0fkzdqzyk3padc6t9m9qqr646x8ha65cvpe96q9p00v1f21w7nw8draewxse4dxssyntnk1ky4wdy4w0fp1fz3sdqsx16vh8ygfgb9vj037z3854gyjsz2%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%252526client%25253Dca-pub-3355035787845411%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__asuid1poABODXc6uBLerpCtBOkbASyYtzBjBfasuid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__asuid1poABODXc6uBLerpCtBOkbASyYtzBjBfasuid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=1poABODXc6uBLerpCtBOkbASyYtzBjBf&g=e6063f3cded143a1fecefe3bd5a1a94a%2F6001507813752181719&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1655118443095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%2526client%253Dca-pub-3355035787845411%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 103a1d297f09a6eafae79bf21c4b7da7f1e2cefd65d93996e1dceb07ec9451bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 11:07:23 GMT
Last-Modified: Mon, 13 Jun 2022 11:07:23 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1486
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9D23 2 KB
1 KB 49ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqcaagANrOkK7dVYAAo0z9yhtZIPt4bvR1U6Eg&u=%7Cft7ZCjuJwTLQKb89XhrMpeoHgJVe5PxthY9EqEB6Fpk%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdgtBH6KllqllAY4WLkl56pRWPZRFcFl5ac0_uOlWYITUqgc9NZeQ1DSoHMRODarEMaP3KaGClxug4QwEJcSa9sTSrdEWgGeji2-maVDV7DHYr3zKBgwlBqXjMjCP04sno6CKTbsykSLSBOkPrDtShYHVYnG9cIyfM0ww0mavECGIk-pLznHz9NGM_OWyalOenD3WehuJqDiMddi2pMZuiwk2FQdyLTm5iZxE7MPu6S9eaSaVvJWxIklThR2S5LkTXnNLTOfkzuFNy5h8cTkgS9UJrpS4k0IdkVStkvmqDubeMF_g0H8ZmZhyhLM7yz4rg21k_ldydx9wKR9pbqclALq4eovgdcMnKTA7zPI5XwWHirngCZqqHFC3bn6K6d7xUwhpdgqzg1F6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa9rrahqnYunZNtiqtwfP6ajICMme0rFc9ZHevrEBwI23ARABIABglfKwgrgHggEXY2EtcHViLTMzNTUwMzU3ODc4NDU0MTGgAdW20uoDyAEJqQJHg1yb0Y2xPqgDAaoExAJP0Hbxfy4byyBmWzjd-OG3Oa8kfGJSkHjQlDADRatiX2kFAw_3saL6fIrvsRo8hXeb0y5JxYeMxWq40lBHbDWDIxE8fJuywR9s6FzJ4_0IWWyDDe2_ilYtLsNhLJefwXq9CsO04kxl7-l4aCUPlD3AlI-oHaraalNNFICNUM1n9vw7pnbZWYl3xOx3xa3FhCkn9OPV9rfrEa6CtOOQg-a3RcOK2lCjzq0denBOwqDu1ipOa2CtF7w3-d08NbKvcOQD4l3pn8Vuqr8999nxcdcWM-ztyvs8L521en_1PLLkhQUaN7sZjYSHqHGAdxQDO31iF4IKhRJ2pzi39tk0lMRsGKlU1Uy0Xak2-j6Y9ZCofAuHVwphFVbd6_y3W9mUPtlGT0dt4LIGvJ1Wbkv8WCoC6jMJ2BME26D5VIkNib8WXM0qNjSABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2T2GyVukAT1LE7MLUxZHE91WO1-Q%26client%3Dca-pub-3355035787845411%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Jun 2023 11:07:23 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9D23 2 KB
1 KB 54ms
25ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Jun 2023 11:07:23 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9D23 308 B
637 B 35ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 08 Jun 2023 11:07:23 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9D23 293 B
621 B 35ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 08 Jun 2023 11:07:23 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 9D23 43 B
348 B 50ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QypHI1gLZnpK0PxU1OnM9rwR6ZllXA5B6aaBTVAni6-1SkJ0ooxOq-KBjDXsnj6_ssBpmHe-h_bz2ddu8r7rFxlM2iXAzTugH4DggpDQWEvYedA9YmKnVaxZHsoo2S8SPBWfPMmZfzGhEaHFLNoPfaJ3dz4GSFB_7PYfCeKR-DxFuljF7Tr2BOaxsL-n73yCecJSmyOLDG-dwBPlm4fGDtWJ0rLl0FzRVutRe0B7JYJRFKiGrmWjPDwSOd7v_RsLY-2CxL4BfNtctHC2XUWfK2ZeGnQkU3nhsMiv16sU4mfgue48XyNwGWqX2oiRwHxYoZma5f8C_pckpERfFFPiSF3FZfASXeRV76At7bKsQ_bDUYzhfO4CyMqfPpZwx1Wp0Kki6OsZtqIPba5YSWcoqbw0Mpgafa8rnROl_QEnADUd1aD_jJ3KahCkO6izLz5e0cbvjA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 11:07:22 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3700104
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9D23 12 KB
5 KB 35ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1004533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vx%2B%2FahxpBz3wLgnPyIgl3nHm%2Feslyg8akTA1uAkZcCjZW1vP4GzfOfNMnvY4azFGl35Sml6NKe7BhG4Wc2JqjoKp5%2Bep7PnMyEmh%2FAExiTBSJ4BbRX8MVeKFkO4FAKQLaDgF0fIVTV9gBXcFOQRNCuEw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71aa5cbe5d4c9182-FRA
expires: Sat, 03 Jun 2023 11:07:23 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9D23 12 KB
6 KB 17ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Jun 2023 11:07:23 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 9D23 68 KB
68 KB 45ms
17ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Jun 2023 11:07:23 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 9D23 68 KB
68 KB 72ms
44ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Jun 2023 11:07:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9D23 24 KB
24 KB 62ms
26ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F211022%2F45f963b9b4db4061b7e96b7b9b33fb3d_img_horizontal_1.png&v=3&w=1200&s=XPRAud79PKlPO2n-2Elk2RGL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30247332
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24138
expires: Mon, 29 May 2023 13:09:36 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9D23 0
128 B 60ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=hsz55bHDFtdAkwDx1IxlsLCCCzcxZveyvdBBbVZEqnZYvxIvTZSOi26Sok_GVXaNykzrh3OKCg5InsfPeX29QXRC1UkxkNK5TJ2Hg1ZC-njqtg0DL8JHwp5wu1qiP_SjYxV8XSRPfRU99dg614uF68yc_QFT1pWBSK2Q-OE68iHs49iX-ZmJm103uAwE4KJpFMf7-1cdPSuZmynSntsIQoIZO0_eC86EI7QqBNzECnFbC_nG2j65A8uZFCf7hC9WwCzU6Q&sds=2&rev=81696&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 13 Jun 2022 11:07:22 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9D23 2 KB
1 KB 38ms
38ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Jun 2023 11:07:23 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9D23 2 KB
1 KB 38ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:23 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Jun 2023 11:07:23 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D1D4 51 KB
51 KB 43ms
7ms Script
application/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9n447z2vn995wsa0knx7ykpfqqky2czz43jzxnz6v728xkr42m2wj0kh8j1c4exzxcts0pxykjtnfez7mqx0hx8679b95t1kgba8vs3zsryxfbaejr5kby7qttfazqadayd5zey16mhwc8p9yqp2zkphthk9wc82tdg1n8xa2b66752v2744tsn15ybgz0fkzdqzyk3padc6t9m9qqr646x8ha65cvpe96q9p00v1f21w7nw8draewxse4dxssyntnk1ky4wdy4w0fp1fz3sdqsx16vh8ygfgb9vj037z3854gyjsz2%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%252526client%25253Dca-pub-3355035787845411%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__asuid1poABODXc6uBLerpCtBOkbASyYtzBjBfasuid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__asuid1poABODXc6uBLerpCtBOkbASyYtzBjBfasuid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: 3_MJXCnMrjiLc9gQ4cSP2UO8QHaqI_KE
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
last-modified: Tue, 24 May 2022 13:31:25 GMT
server: AmazonS3
age: 84571
etag: "8e0f444d427a5cc08c98fd04087e9847"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 12 Jun 2022 11:37:53 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 52117
x-amz-cf-id: wQspJpsDUKbg_M7GQ0Y3Tj6wnaKv22Cg_m9jFid7kUv_X87ajgioxw==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame D1D4 85 KB
85 KB 84ms
44ms Image
image/png 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqxoneid__asuidahXuN43idar3CbjLEHNClDCiGXWbUEfzasuid__suite_Netmix_Reach09_Mweb_PRIVATKREDIT&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=1poABODXc6uBLerpCtBOkbASyYtzBjBf&g=e6063f3cded143a1fecefe3bd5a1a94a%2F6001507813752181719&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1655118443095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwgy6efnwxh3np3e3gf3t0xy7hrqd57twtmes47hmpw6s2d18bxh4z3bs11yry0gmpz55npatft42c21geaxqd10pvn9myq1fntaznmt3re8s1c12bar00s9w290me6etm9s6z1yg0agstrryeh031cq3x4rzey8n0svc9j2ty4pv17bs79h3byqqmb9s33zgphh3wz9k6atwa2qvmy9zqpkc2sqsw6yz80516m379db2xptj13yqh9kew411gdgs37w09h90c9y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvqFYahqnYp_UE7OhtOUPpd63mAeQ4YGEXLaoworwAsCNtwEQASAAYJXysIK4B4IBF2NhLXB1Yi0zMzU1MDM1Nzg3ODQ1NDExoAHCrujdA8gBCakCMaNrT-2lsT6oAwGqBMMCT9AzOEIqis_RS1UlQqOMVQ7hKaKPAXP8lz2Y1pOjDSz2pBOqtz7juoqc8mqaHlkSDILQ0NgqDg8ISW2ZwnQShS8--Du9CLL7sjCExSe2YXKY6RKhx2WRxYB-OF0WTtxRKtLr6a-IQAiyQy5mQXYi8CWCpVcaRSAkb6Od1QtCgLpUPjeo-hIreJjzMgr8XZnutUZGazXFxKs6-Z5R9xVWb5PtjXqNM0n1FW0cyHynhPVY_YeKR9SCxMUhLgzTnl_e_x4YQIoU9MXBqNwsQWF5sEMazd6rgXYGYZP4rndgn5IZyMAFs9NLCBfDxAJc3wIHkPJqzpnR1Mn6fNflPah804k1w8pA-Ari7OBvHavIiT6U-wZG9x4AqiaeGOQKWDeQRVZeHvE7vS396EO6N88AVcECpeRyaindlcwY_k6KX_KPdw6ABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0LFs5W3PL3LM4xHUQ6nZ7AQslsxg%2526client%253Dca-pub-3355035787845411%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 11:07:23 GMT
Last-Modified: Mon, 13 Jun 2022 11:07:23 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 43ms
27ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220608&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09fac26e5b3f13f50ab3450c85b77fadd624baad7082dc6edd75a4c4cd997f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Jun 2022 11:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10628
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 888ms
888ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 11:07:24 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D1D4 16 B
232 B 93ms
92ms Fetch
application/json 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-130-126.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Jun 2022 11:07:24 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 110ms
31ms Preflight 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 13 Jun 2022 11:07:24 GMT
server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 406A 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca.topnews.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 10:34:16 GMT
expires: Tue, 13 Jun 2023 10:34:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FFBE 783 B
536 B 128ms
128ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe82fcc31eb3cc00c6e54d0a33e4c4b9da49b3fc6765795bc80ab38b9c899851

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Wj8D4DZyUcVBJ_axnlZ_8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ca.topnews.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Wj8D4DZyUcVBJ_axnlZ_8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 11:07:24 GMT
expires: Mon, 13 Jun 2022 11:07:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 0A402iRY5hLk7vfRuKaxnQONXP61muIeBT4Iz070aFY.js Show response
pagead2.googlesyndication.com/bg/ Frame 406A 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0A402iRY5hLk7vfRuKaxnQONXP61muIeBT4Iz070aFY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00e34da2458e612e4eef7d1b8a6b19d038d5cfeb59ae21e053e08cf4ef46856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 00:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13869
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 00:11:19 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 406A 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VzHbDw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FFBE 0
0 56ms
56ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220608&jk=4170819966367376&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
60ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220608&jk=4170819966367376&bg=!vb6lvvrNAAaJfvByqX47ACkAdvg8WvTqobdJkXzR9CjDubIV8S0d7s4_U82tSVfflLpkqATeJFOyZwIAAABBUgAAAAhoAQcKAHVHHgpvhThbQ-HYfbBxoX3o1vzajTrWnn0QOwxRUAlvdre55QNhorP8i_Np2bSDUaTKbdeUTpzq5EVN6M_7_IVuRGR1siQa3R4DsSZ89cSnRhbx52R0o0WexM9W8XaSGYE0JpQL4yRXvsULILervpr7rlHLyvSZAprmvND4jPhqRm4SC9-_xY_C1D43TjycE32UJDYpGwVV0LN8FYrB9koKPMkvXu8cJyYDNJK8vjab7Ix7DQxzyFJpabwcgpKtAO76wdYWoQYCdqrp6j-pzBKgW2OqK9Q3bUJjFhFtdpiOatkKc759Eh3AW3riQ9U6H--Cndu5FxWfAtcyqdo8nRxAtIEYsTeWbsenVCBKgQz4umi25N9LN9cYa6hymHzm_u9PuYc2TavRGBVeGj1TrwRdL8rwmTDUB3g1ZKBEPnQMM3_CPUUAl-1le40PP-adykG1B_IXRZYnZBjnje_WR3vVIdBFJOQRoJz3WCQhuw_EsENVzwu2zJCXzLDOn9bO-Z2j1282gmpjdavhqs-RUU4cS6ru8bKnxXmsvWXIWXVUjqVK5S7060zEYBa8mN0x1jG9MtMXURPc9RqXtdk0E5r679ss0mELD0F4jGj0nnA_Np7wbJy5q73Zntu0U89-m1oxBeA_bZRhx5d4Cmmyrz3Q4nnsPAuiegcIp0LOvRLTwc3IPjRFGaqlnEQe8WJldc41v0ANTUuCgagW-NdWMysvIpNwHNNFP70mxNZtWtvioyVeDrZVMqu-7ojdQ7NeoYgJxk_-ORjU0Q4rsA_1hoZneJksNOPydzVqh9qDBabVqFMhjhPMt7Gqjo2O1RVyApYV33zpjwNlr8CDH53IBvh9zbGUY1mX-jwvNsXstC0gvCBqigL5-MDb-F_dFOWATgXpluqMLsfQkwgqcZ6FQM6MCOE5xJBXeUUzEg9RTDtnD5V2QfsW0ZTD572ET7jglCa5A41jXMVIYnwPEushzsxh9YWhVHpaaDpFQO9r3jhMoEdvCnRTWiy4pnhy2ngv2r0keBQhzNjIqj4sxl5DflqWZ7Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca.topnews.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ca.topnews.media
URL: https://ca.topnews.media/wp-admin/admin-ajax.php?postviews_id=85721&action=tie_postviews&_=1655118439966

Domain: ca.topnews.media
URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/?relatedposts=1

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.topnews.media/	1970-01-20 21:16:30	Name: _ga Value: GA1.2.1712750863.1655118440
.topnews.media/	1970-01-20 03:46:44	Name: _gid Value: GA1.2.1258160332.1655118440
.topnews.media/	1970-01-20 03:45:18	Name: _gat_gtag_UA_162042173_8 Value: 1
.topnews.media/	1970-01-20 13:06:54	Name: __gads Value: ID=c36950a3436e84fe-226a4c21afcd0047:T=1655118440:RT=1655118440:S=ALNI_MblTJ26dicF3_6aPkEsvARW9RG1fg
.topnews.media/	1970-01-20 05:54:54	Name: _fbp Value: fb.1.1655118442180.453070044
ca.topnews.media/	1970-01-20 12:30:54	Name: cookielawinfo-checkbox-necessary Value: yes
ca.topnews.media/	1970-01-20 12:30:54	Name: cookielawinfo-checkbox-functional Value: no
ca.topnews.media/	1970-01-20 12:30:54	Name: cookielawinfo-checkbox-performance Value: no
ca.topnews.media/	1970-01-20 12:30:54	Name: cookielawinfo-checkbox-analytics Value: no
ca.topnews.media/	1970-01-20 12:30:54	Name: cookielawinfo-checkbox-advertisement Value: no
ca.topnews.media/	1970-01-20 12:30:54	Name: cookielawinfo-checkbox-others Value: no
.doubleclick.net/	1970-01-20 13:06:54	Name: IDE Value: AHWqTUkQo2eOVnaUcN5KDiRYMdOQW7X8EtEnRW4J4B3-jnrg8Vviuix_mQE1yZMnd3I
.quantserve.com/	1970-01-20 05:54:54	Name: d Value: EBEBCQGvJoEA
.quantserve.com/	1970-01-20 13:15:32	Name: mc Value: 62a71a6a-e74b4-da580-3d116
.casalemedia.com/	1970-01-20 12:30:54	Name: CMID Value: YqcaauDc7SOI4Vk44E4UXAAA
.casalemedia.com/	1970-01-20 05:54:54	Name: CMPS Value: 5181
.pubmatic.com/	1970-01-20 03:46:44	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 05:54:54	Name: CMPRO Value: 1198
.casalemedia.com/	1970-01-20 03:46:44	Name: CMST Value: YqcaamKnGmoA
.pubmatic.com/	1970-01-20 05:54:54	Name: KADUSERCOOKIE Value: 0DC8390C-2B6B-48E4-AB53-073EAE85DADB
.mookie1.com/	1970-01-20 13:14:06	Name: id Value: 10614069528618079932
.mookie1.com/	1970-01-20 13:14:06	Name: mdata Value: 1\|10614069528618079932\|1655118442989
.mookie1.com/	1970-01-20 13:14:06	Name: ov Value: 7a82dbbd99fdda060bea60e8df0d557a
.awin1.com/	1970-01-20 03:49:37	Name: awpv11354 Value: 412871\|1655118443\|0030e480-eb09-11ec-9435-22651120a0a6
.zenaps.com/	1970-01-20 03:49:37	Name: awpv11354 Value: 412871\|1655118443\|0030e480-eb09-11ec-9435-22651120a0a6
.zenaps.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
.e.dlx.addthis.com/	1970-01-20 13:15:32	Name: na_tc Value: Y
.awin1.com/	1970-01-20 03:55:23	Name: awpv11938 Value: 412871\|1655118443\|003e2af0-eb09-11ec-9580-2234796a82c3
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 03:55:30	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1655118443_003e2af0-eb09-11ec-9580-2234796a82c3%22%2C%22sp%22%3A%22awin%22%7D
www.conrad.de/	1970-01-20 03:52:30	Name: HTLP_timestamp Value: 1655118443
www.conrad.de/	1970-01-20 03:52:30	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 03:45:20	Name: __cf_bm Value: ncnW2e8moSrVgy7QyI9hJjF9p72W7ZBJDAwQbsfGxJQ-1655118443-0-ARw+yj8XEKj40u7+g6xgau+XRsUXYwflxY+Bwx/bPSXfm/iBYN55zw3RETMrbZrLMEveJ8mpQbIl+qvrOCB07yI=
.addthis.com/	1970-01-20 13:15:32	Name: na_id Value: 2022061311072300064308716931
.addthis.com/	1970-01-20 13:15:32	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:15:32	Name: uid Value: 62a71a6b83255a89
.addthis.com/	1970-01-20 13:15:32	Name: ouid Value: 62a71a6b00013dfe7f1105bcce4ecc18e93ad7e1453a6cb9cc5e
.dlx.addthis.com/	1970-01-20 04:28:30	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 04:28:30	Name: na_sr Value: 20220613
.dlx.addthis.com/	1970-01-20 03:45:18	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 04:28:30	Name: na_sc_e Value: 0

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 268) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 268) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://aprilineffective.com/b7adea9c056eafc6f5f3aea5f7f14191/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 271) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 271) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 272) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 272) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 273) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 273) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 274) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/56859bd5cfa3136336ca47109428b997/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 274) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/56859bd5cfa3136336ca47109428b997/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://aprilineffective.com/56859bd5cfa3136336ca47109428b997/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 284) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/56859bd5cfa3136336ca47109428b997/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 284) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/56859bd5cfa3136336ca47109428b997/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://aprilineffective.com/56859bd5cfa3136336ca47109428b997/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 510) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/b2f9b1ac8a73bd9ea377ec034617c035/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 510) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/b2f9b1ac8a73bd9ea377ec034617c035/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://aprilineffective.com/b2f9b1ac8a73bd9ea377ec034617c035/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 596) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ca.topnews.media/ukraine/pfizer-vaccines-are-safe-and-effective-for-young-children-fda-news-on-unn/(Line 596) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://aprilineffective.com/a895473ba3537c654d62fb62fdc99679/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://i0.wp.com/ca.topnews.media/wp-content/uploads/2022/03/1644169986-2968.jpg?fit=1200%2C799&ssl=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GAsbrKalAh8yg_rx2Tc1clT67bNVYefWVZTzk_6JdziqPZUTAEhmo03cvERn3WvW20RokRo4fdhk58I9V941Cf3Zh404SY&google_gid=CAESEFStU-fNVzAlqU2gfGUU9Lk&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
aprilineffective.com
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c0.wp.com
ca.topnews.media
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
e.dlx.addthis.com
googleads.g.doubleclick.net
i0.wp.com
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.everesttech.net
pixel.rubiconproject.com
pixel.wp.com
prod-rtb.ad4mat.net
rtb.nl.eu.criteo.com
rtb.openx.net
s.w.org
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
stats.wp.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.zenaps.com
ca.topnews.media
104.111.239.217
142.250.185.134
142.250.74.194
148.251.139.77
172.217.18.98
178.250.0.162
178.250.2.135
178.250.2.148
18.66.97.9
185.64.190.78
192.0.76.3
192.0.77.2
192.0.77.37
192.0.77.48
192.243.59.20
23.35.236.247
2600:1901:0:76b9::
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6811:190e
2606:4700::6812:7e05
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:801::2002
2a00:1450:4001:803::2004
2a00:1450:4001:808::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:830::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.254.130.126
35.190.90.30
35.227.252.103
35.244.174.68
46.236.35.87
52.214.225.206
69.173.144.139
69.192.160.219
93.77.0.31
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03dd15a551c408fc3ee4496227c5b0798ead05885e535e47f3fa13b6d0fad687
08a25c504f8eff948a2911d660c1b12ef89c3fb8f3d57216facebebd6303b75e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fac26e5b3f13f50ab3450c85b77fadd624baad7082dc6edd75a4c4cd997f0a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328
103a1d297f09a6eafae79bf21c4b7da7f1e2cefd65d93996e1dceb07ec9451bc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f40a8d3e396171ff09132779af691a90bafcac94baa40fa7e3233a36f90784
11d20181b617284dde9316e7158f78d9e2bad1c0258ad2caab8160a460cbe737
1c966a6de845cfcdec8d3bc06eeed047027bf536855b41a91b2aae5d5f6de25c
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
28970b3fd166fd5216e0053b5f336e8808e7c73b9787b8184904758a9636b094
2bdbf3f8170f52249d898129d93764f29d715191c800ccf7ecdeb02832595c63
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0
395e4a0dfda3e9e33696c81a0d9c7097caa5629f2f6106a6cd3eb53c289b50e3
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3d8965ee1f9673ae2ab083ee9c063eea7eb04aef2e756a7e46f58337bb1caef4
3da1345965312de8319e5ddf58610cc4fe1c4448a23a8a86ecab7413dff8b28b
420d4e93a3b912fca0a473391ffb69c2bd9918ffeae097cc47479ca4acb9b49b
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7d3593129dfeebb018366403db1047d62e727ff086f07d80c1a2a154dbdec6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5618f44ef33115a97b68120f2a28a4c91bd8f4263f4813d68d2324dee8da46f4
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
6682e9fc05c01383592391b9774c83c4f39edab6478b4a4713afaf63a4a974a2
668f210df4e065e8481777c2a097c65903b341066a87a7f06997926dc0d36615
682ff25c1b5facbe9a1d837278dafa31935570c169e741a927f12bca6f2c5087
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6b4b6af7623b33ebee15a2c84b28859b6a6c1aca07d151a4f19ca163156744af
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6c79e034ed0798a7bd8359147de6f5df860ede7024d5a8d9ea141487ae51edbf
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
757612868392a18f57990f26f530d5b38a7d2614ea8f41ac603aaf9eae07008c
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
80b5d4915e17f9a3d3b044c26d796781f612a82921afba5859481e570aa36599
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
86c8f0ef3d5c51e837bd0c69424d11e9e8522f834e1c18d620073db93b5c79f7
8a141fe46f7146a6a9f1f18661ef2225f2700fc996450679b7791126c5000d55
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91bcabaf0d2eea9bb11217064bc9156d88ad4002676aff96aa6b374fe1ece3a9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
9fcb6ca161319bb76b76090ca8c15a155089e67c37746501d159bdd7f420624a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a215939f66d5b7386b0318f276f78e8c614d3cf6571b17a753023bdc54a14a8a
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
ae86fb1e494e438623b8f18c5318c0fa642119394c29b146ea95d80290401ecf
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
b5c9fd37dca1ec56a382c45a38fd9aa8425a4b522200f6526b982902f3c3f06c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d00e34da2458e612e4eef7d1b8a6b19d038d5cfeb59ae21e053e08cf4ef46856
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d754ccac04fff1aeef9f9555514b33b85ec9a18ad25e03db0dfe223dbe3ed662
d756c5a5a9fbcf83b5879d788aa2a65c162da3aada72c448f812360568c1e1ca
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e11deb1084baabe8515ec51570582f28e23d2bd3982fcc2476bc7664a8a29d0d
e2e68e97593beb78225af7f9edc7624c19cd84ebfeb07dcbc4b06fb9f49d0526
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68e40852527c1f28682b1c4a8715dcaba615264d92ec50615744a2c21e90a13
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457
e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca
ebb1320ac51d335c0982e1bb73d9e3f6a0ed38760b1c31b7a1eb2f1bb6ae68c7
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f63098aeca2e2c973bba8c9537e71f7639db38907861b8ebbf8385cf682a5b17
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fcb7590cb13f9e84346746dd3d601da76b0e6c96140d068b1f879c71d5420adb
fe66ac5df69c78be7dfcf75943079129dbf24a254e89febc5a7e916d40de43bc
fe82fcc31eb3cc00c6e54d0a33e4c4b9da49b3fc6765795bc80ab38b9c899851
ff0d4da2bf6d1e6dfd402f2336013c94dc4af4ece767367ab66e9f0d35c2459c

ca.topnews.media Open in urlscan Pro 93.77.0.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

156 Requests

92 %HTTPS

46 %IPv6

34 Domains

49 Subdomains

40 IPs

6 Countries

2085 kBTransfer

4084 kBSize

41 Cookies

18 Outgoing links

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ca.topnews.media Open in urlscan Pro
93.77.0.31 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

92 %
HTTPS

46 %
IPv6

34
Domains

49
Subdomains

40
IPs

6
Countries

2085 kB
Transfer

4084 kB
Size

41
Cookies

156 HTTP transactions
2 data transactions