all-news.co Open in urlscan Pro
2606:4700:3032::ac43:8293 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sales.ffsice.nl/c4ca4238a0b923820dcc509a6f75849b/4ed33ca5b2831782e481a57b6bf828fc/c062cd9e4fcb75c3da63db867a7985...
Effective URL:
https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Submission: On July 10 via api (July 10th 2021, 12:38:30 am UTC) from BE

Summary HTTP 198 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 31 domains to perform 198 HTTP transactions. The main IP is 2606:4700:3032::ac43:8293, located in United States and belongs to CLOUDFLARENET, US. The main domain is all-news.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 2nd 2020. Valid for: a year.

This is the only time all-news.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	163.172.29.155 163.172.29.155	12876 (Online SAS) (Online SAS)
45	2606:4700:303... 2606:4700:3032::ac43:8293	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2.16.186.200 2.16.186.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.190.90.202 35.190.90.202	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
23	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	3.250.250.79 3.250.250.79	16509 (AMAZON-02) (AMAZON-02)
12	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:303... 2606:4700:3039::6815:c03a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 7	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 2	91.228.74.198 91.228.74.198	16509 (AMAZON-02) (AMAZON-02)
2 2	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2606:4700:303... 2606:4700:3032::6815:57ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.59.79.213 52.59.79.213	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:9065:1944:fd14:ef66	16509 (AMAZON-02) (AMAZON-02)
1 1	79.137.69.91 79.137.69.91	16276 (OVH) (OVH)
2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
3	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
1	13.225.74.57 13.225.74.57	16509 (AMAZON-02) (AMAZON-02)
1	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
2	52.213.6.221 52.213.6.221	16509 (AMAZON-02) (AMAZON-02)
198	29

1 163.172.29.155 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 163-172-29-155.rev.poneytelecom.eu

sales.ffsice.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:3032::ac43:8293 (United States)

ASN13335 (CLOUDFLARENET, US)

all-news.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-200.deploy.static.akamaitechnologies.com

mtv.mtvnimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.90.202 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 202.90.190.35.bc.googleusercontent.com

steadfastsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.250.250.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-250-250-79.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3039::6815:c03a (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.198 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.99.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.79.213 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:9065:1944:fd14:ef66 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.91 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm11.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.74.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-57.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.29.72.47 (Brixton, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.6.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	638 KB
45	all-news.co all-news.co	1 MB
32	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	147 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	632 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	174 KB
9	google.com 3 redirects adservice.google.com www.google.com	1 KB
7	googletagservices.com www.googletagservices.com	250 KB
4	webgains.com track.webgains.com diapi.webgains.com	99 KB
3	webgains.io analytics.webgains.io api.webgains.io	60 KB
3	pubmatic.com 3 redirects image6.pubmatic.com	1 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	awin1.com www.awin1.com	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com	885 B
2	openx.net 2 redirects rtb.openx.net	759 B
2	mookie1.com odr.mookie1.com	430 B
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	quantserve.com 1 redirects cms.quantserve.com	795 B
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	google.de adservice.google.de	975 B
2	google-analytics.com www.google-analytics.com	20 KB
2	steadfastsystem.com steadfastsystem.com	31 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	336 B
1	innovid.com ag.innovid.com	296 B
1	agkn.com 1 redirects d.agkn.com	757 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	googleadservices.com partner.googleadservices.com	655 B
1	adsafeprotected.com static.adsafeprotected.com	259 B
1	facebook.com www.facebook.com
1	onesignal.com cdn.onesignal.com	3 KB
1	mtvnimages.com mtv.mtvnimages.com	3 KB
1	ffsice.nl 1 redirects sales.ffsice.nl	352 B
198	31

	Domain	Requested by
45	all-news.co	all-news.co
35	tpc.googlesyndication.com	googleads.g.doubleclick.net all-news.co tpc.googlesyndication.com pagead2.googlesyndication.com
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net all-news.co
18	pagead2.googlesyndication.com	all-news.co pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	cm.g.doubleclick.net	all-news.co googleads.g.doubleclick.net
10	fonts.gstatic.com	fonts.googleapis.com
7	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
5	ad4m.at	googleads.g.doubleclick.net ad4m.at
3	track.webgains.com	as.ad4m.at analytics.webgains.io
3	image6.pubmatic.com	3 redirects
3	fonts.googleapis.com	all-news.co googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	as.ad4m.at
2	as.ad4m.at	ad4m.at as.ad4m.at
2	id.rlcdn.com	2 redirects
2	rtb.openx.net	2 redirects
2	odr.mookie1.com	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	all-news.co www.google-analytics.com
2	steadfastsystem.com	all-news.co steadfastsystem.com
1	diapi.webgains.com	track.webgains.com
1	analytics.webgains.io	track.webgains.com
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	static-de.ad4mat.net	ad4m.at
1	pixel.rubiconproject.com	1 redirects
1	prod-rtb.ad4mat.net	all-news.co
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.adsafeprotected.com	all-news.co
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.facebook.com	all-news.co
1	cdn.onesignal.com	all-news.co
1	mtv.mtvnimages.com	all-news.co
1	sales.ffsice.nl	1 redirects
198	41

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
pinterest.com
api.whatsapp.com
www.mtv.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-02` - `2021-12-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
MTVI.com DigiCert SHA2 Secure Server CA	`2021-05-06` - `2022-05-11`	a year	crt.sh
steadfastsystem.com R3	`2021-06-16` - `2021-09-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Frame ID: 6EC8A4CF0096356A9408DA8EA02074EA
Requests: 74 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Frame ID: 5E746E5DD1BDB4EA754E7F85AC3F4FC9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html
Frame ID: 0F9BBB995CFA9121F43B64933C65284C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1625877489&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489441&bpp=3&bdt=425&idt=192&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=172693140925&frm=20&pv=2&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=205
Frame ID: F6E22F16D9B80B4488F38C02D582D48A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489444&bpp=2&bdt=428&idt=219&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=279oV9EjwM&p=https%3A//all-news.co&dtd=225
Frame ID: 7F72CBE0D0BC91CEFD21680F6FA89458
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489446&bpp=3&bdt=430&idt=232&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=B1K7VdKyHC&p=https%3A//all-news.co&dtd=236
Frame ID: 3819B083C7BB4838E3016F2533F798F5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=6103665698&adk=1395125190&adf=3023380478&pi=t.ma~as.6103665698&w=696&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489449&bpp=1&bdt=433&idt=236&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=xyaMo5P1Au&p=https%3A//all-news.co&dtd=241
Frame ID: 32D990B82F1D9E2ADB1B7780402B85A8
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=3117778216&adf=3437838863&pi=t.ma~as.9785579158&w=324&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489497&bpp=15&bdt=481&idt=218&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=yK4gmMM5Rx&p=https%3A//all-news.co&dtd=222
Frame ID: 8CF448C53D61E1F3B84F350408918108
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1576612686&adf=3695330392&pi=t.aa~a.2652133880~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250&nras=2&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=LvsBBbKpzG&p=https%3A//all-news.co&dtd=15
Frame ID: 280799DDB534D3F36C1C97C1DDBDDD60
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&adk=3783568413&adf=470541226&pi=t.aa~a.4009549588~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x90&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250%2C1200x280&nras=3&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=RioE3Walc6&p=https%3A//all-news.co&dtd=18
Frame ID: 28E71813D6EDC6B17AEF54FACFA980B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C50WA8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSRAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XilECnax6OemA91n9KTnM1XsBIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTg0MzkwMjQ4NzczMzEwNDk&sigh=qsEdzCmZn_s
Frame ID: 189A5CEE854EBE9BA5F635FB4B078221
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1gqmhtq39hfx98q7pff51e99vr2xa0q5s3ce8pnv4bp2h0jk08f518nerfg29xv9142v19b5jpvt89a5w90vderb38nkfgtjj11sxg50rv5404157826w3qcrm5ck8zz1whj8nm1cxq04qzqaaaypfebk0wvvfhvybfzspg311xxb4mgt828shap1jq6nqs790cvznjdtegj7yn1a8w52cjg2t197p6kc7xbxzb535xydxgj5z967jpvx4yvc4z17p7ka5rzjfb8rmp9mbzjzp741094xmraqcaep8xh6hwxn4b59esv9ve8t1fys2nf157mxh36xmfpy25gpgjmx0z48ywy70dbsfqq3k2hg9p8echyqmfh617rmpkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%26client%3Dca-pub-8439024877331049%26adurl%3D
Frame ID: 137F0D1AD57128B438FD82F8BE480221
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 50EC93D9E93FD770FEF2BB436F44818D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6BD8A7D43CF407197AC091E06A0FEEAA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js
Frame ID: 8B63CC41A0F5634F255AAFB978D67271
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 111239EA5CC7BC2D579E8EB5BBA5093E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js
Frame ID: 224B12EC353633DF42EC12A5F64FDA96
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B55C026379788552C766169A1E18387C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC85A38595C6C0AE6362EFEFC5B84712
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js
Frame ID: 2C0452DF2C54098026659123E5077910
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/index.html
Frame ID: 2A3F88789A7B0F21E010D11BF8EC0F57
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CcdR_8evoYIyKLbCwx_AP57me0AbNpv28Y52c8sinDavIk-qPJxABIMzT7IIBYJUCoAGunsy7AsgBCakCt872iB_usz6oAwHIA0iqBJUCT9CoUDxH1V-JsuZMszANB85EAU6guGz2AkiiO9OH1OBA06gVxo7CALMQDfb_0LIZLYyKUmW-jxLg4GLaHFNu0Jcu60FtTCCjl7gKyKTH7JDldbuItP1iItB-pNtsh2mSoQxEZe4j1sCG8eRxmJd-D0nq8iZGGprZlKTZuAjEJVOqZk9xIQ77tYNmVVyfRxEj6MkOtpWTVj3IfCabaWjzs9v3I0MD_J0Hb66xSN5jOXC22oCC_QFTQvqQn3oacClGlP7OnOFNOpyiBj8H1UqD-34MUZhTpTR-AWMmZmp9bsmo4GRz0EePLMrHUfKksi9my9hzJqWKaPcj-HdhS6UF6-mWJSsN_Wh1ZBvWF_xAelZJgYg6T8AElIyppLoDkgUECAQYAZIFBAgFGASgBi6AB6yG1YMCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOGQC9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5&sigh=WILN4Cwmlo8&template_id=419
Frame ID: A463FB56F290A233DC181CD6CF0816DB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B92089F224168A782EE894A9336B2C79
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js
Frame ID: FBB62A7494BF9B07DD138FEF3093DDA3
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=n2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xr&g=c540e7eb97b1b8a686f532741993223a%2F18013672204246427255&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20awtk1bbb8wt0w05pxfaja3b1n6512aq46zmngf1997erxts0scs9rvk5gdeecmq70nbma4d9hb7v4djghw2484yw97hegj7ngw9705vn08mee0srs81r45s2r9541vytc5nxzbn4d84mmnqkgpbc3yr65nfqsnc971fdte0e6bfchf30ns9cja1mzzm86vng0mnagy8ay849hvs3t8mhmtqqb5qgfm4tkf6twfgydcw4p0ytn2hw3abtjk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Frame ID: B5BD835E66B6C5DC1E6B3A9855A56A7A
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BC7CB35DDC122FD3A29AEF0AB6DDEDF1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E73FDD886C2B4800BE5A4DFF6D38712C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sales.ffsice.nl/c4ca4238a0b923820dcc509a6f75849b/4ed33ca5b2831782e481a57b6bf828fc/c062cd9e4f... HTTP 302
https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

198
Requests

99 %
HTTPS

47 %
IPv6

31
Domains

41
Subdomains

29
IPs

6
Countries

3266 kB
Transfer

6411 kB
Size

8
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/AllNews25193679

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=City+Girls+Stage+A+Twerk+Takeover+In+New+Video+Directed+By+Missy+Elliott&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&via=all-news
Title: Twitter

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/&media=https://all-news.co/wp-content/uploads/2021/07/3950-city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott.com-698723&description=City+Girls+Stage+A+Twerk+Takeover+In+New+Video+Directed+By+Missy+Elliott
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=City+Girls+Stage+A+Twerk+Takeover+In+New+Video+Directed+By+Missy+Elliott%20%0A%0A%20https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: http://www.mtv.com/news/artist/missy-elliott/
Title: Missy Elliott

Search URL Search Domain Scan URL

URL: http://www.mtv.com/news/artist/city-girls/
Title: City Girls

Search URL Search Domain Scan URL

URL: http://www.mtv.com/news/genre/hip-hop/
Title: Hip-Hop

Search URL Search Domain Scan URL

URL: http://www.mtv.com/news/music/
Title: Music

Search URL Search Domain Scan URL

URL: http://www.mtv.com/news/3178895/missy-elliot-city-girls-twerkulator/
Title: Read More

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sales.ffsice.nl/c4ca4238a0b923820dcc509a6f75849b/4ed33ca5b2831782e481a57b6bf828fc/c062cd9e4fcb75c3da63db867a798566/7516fd43adaa5e0b8a65a672c39845d2 HTTP 302
https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPII8No7w11g_P4UPMYvBkxvhKy0T2D54ADSBKXuHe_hiwSKe3Z1HQwERVHcJxwPUyKX1NG7DavLSlX-UDpbDXH2wy9SlFs&google_gid=CAESECoBgQ9AhQlYSF0kPKxgc_0&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPII8No7w11g_P4UPMYvBkxvhKy0T2D54ADSBKXuHe_hiwSKe3Z1HQwERVHcJxwPUyKX1NG7DavLSlX-UDpbDXH2wy9SlFs&google_gid=CAESECoBgQ9AhQlYSF0kPKxgc_0&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMDM4MTAwMDAxMDY5MDgxNTAwMQ%3D%3D&google_push=AYg5qPII8No7w11g_P4UPMYvBkxvhKy0T2D54ADSBKXuHe_hiwSKe3Z1HQwERVHcJxwPUyKX1NG7DavLSlX-UDpbDXH2wy9SlFs

Request Chain 92

https://rtb.openx.net/sync/dds?google_gid=CAESEFBwjoen0qjB0TBQkpaO4u0&google_cver=1&google_push=AYg5qPLkQO6bEkc3vvGv-0aj67aQ_DtlwC7_ujiij-zttJaFAA9kRzRuW5yMjWv8Nwt-u6tn9Bn2VN5efSzUXceFVaGjZ4JSSsp8 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEFBwjoen0qjB0TBQkpaO4u0&google_cver=1&google_push=AYg5qPLkQO6bEkc3vvGv-0aj67aQ_DtlwC7_ujiij-zttJaFAA9kRzRuW5yMjWv8Nwt-u6tn9Bn2VN5efSzUXceFVaGjZ4JSSsp8&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLkQO6bEkc3vvGv-0aj67aQ_DtlwC7_ujiij-zttJaFAA9kRzRuW5yMjWv8Nwt-u6tn9Bn2VN5efSzUXceFVaGjZ4JSSsp8&google_hm=OCJtdUmezskZ_TqoCF2pgg==

Request Chain 93

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEgeVlM0uMbgArv213xSfO0&google_cver=1&google_push=AYg5qPJOhkiF9-K6ASoSOJIZN7BfLDakmA6CIdVpY--H6Dip5QDNYIUaahHX0xo1kDqdaFcs6zsqZNd5Zwpm6R5X6NyOdHACeW5m HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEgeVlM0uMbgArv213xSfO0&google_cver=1&google_push=AYg5qPJOhkiF9-K6ASoSOJIZN7BfLDakmA6CIdVpY--H6Dip5QDNYIUaahHX0xo1kDqdaFcs6zsqZNd5Zwpm6R5X6NyOdHACeW5m&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jHO5gSdbSR6jWhLh0MOBPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOhkiF9-K6ASoSOJIZN7BfLDakmA6CIdVpY--H6Dip5QDNYIUaahHX0xo1kDqdaFcs6zsqZNd5Zwpm6R5X6NyOdHACeW5m

Request Chain 94

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHYzGWPMjjrlQbJtQC55Bt4&google_cver=1&google_push=AYg5qPIwu6IsHzlqP_CE6Fe42vTjxSuoKi8vjftzrWzbtFjsHWKjnIEBOy0WAbLwDklI_a24btchOkQ1_ZL-xKsT6TU0XwOBh6bc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYMUg4R1gtTy1IU0Yz&google_push=AYg5qPIwu6IsHzlqP_CE6Fe42vTjxSuoKi8vjftzrWzbtFjsHWKjnIEBOy0WAbLwDklI_a24btchOkQ1_ZL-xKsT6TU0XwOBh6bc

Request Chain 95

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 136

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELt5rqvPpOQziyKnq1rcXYs&google_cver=1&google_push=AYg5qPK_TbiRJIGdJD0nf0VwRqvybR_zMt30X38DwoG4nD7Us6mBPaJJupMAsCqnV6xofKe7POXUQ00HGnIpmZeEa2JFIYeSMA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK_TbiRJIGdJD0nf0VwRqvybR_zMt30X38DwoG4nD7Us6mBPaJJupMAsCqnV6xofKe7POXUQ00HGnIpmZeEa2JFIYeSMA&google_hm=wezai6C8F_EVIulobsnSsg

Request Chain 137

https://d.agkn.com/pixel/2175/?google_gid=CAESEKyj_ph6gm5sjIoJ3y_HMFk&google_cver=1&google_push=AYg5qPJJjjjRG_9IuSZ3qrjSdwbl92TkOZIXbQ8f2SrHsHjAADloJ_zhjR7mYd5cGIRCX5B1lzxUdV74UbvyiJrbPsBVe5EO8w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJJjjjRG_9IuSZ3qrjSdwbl92TkOZIXbQ8f2SrHsHjAADloJ_zhjR7mYd5cGIRCX5B1lzxUdV74UbvyiJrbPsBVe5EO8w&google_hm=Q0FFU0VLeWpfcGg2Z201c2pJb0ozeV9ITUZr

Request Chain 138

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIeYFqVVSMSbPpL13FSWUIU_kBQ6yKFNOPuLIeK6LCzihBdlBK2Vz6HWzRs0ifkL8on_Qba2BNU_OPI0RzMR-pehzxgoZo&google_gid=CAESEMgwoYV4ywh2mzSroxcALCY&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPLXo4cGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBJZVlGcVZWU01TYlBwTDEzRlNXVUlVX2tCUTZ5S0ZOT1B1TEllSzZMQ3ppaEJkbEJLMlZ6NkhXelJzMGlma0w4b25fUWJhMkJOVV9PUEkwUnpNUi1wZWh6eGdvWm8 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbTRjNmNxQ1R0aE14RFJfMmhEcUh2dVYzRzlIdzczRkNCZ204N3JJMG51Yw==&google_push

Request Chain 140

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFEeKM3GYiNjhh3zabC3fCw&google_cver=1&google_push=AYg5qPLQKXK68loIZtk0jzSVQ-55MD64eVuPM4l7JqWmmnrSrgdeMmMkZ_seZd-VxHF2H6OwIrN7ufi3NSdimZl9E9nsS-Qsl1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jHO5gSdbSR6jWhLh0MOBPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLQKXK68loIZtk0jzSVQ-55MD64eVuPM4l7JqWmmnrSrgdeMmMkZ_seZd-VxHF2H6OwIrN7ufi3NSdimZl9E9nsS-Qsl1w

Request Chain 142

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEEv0NlYLBHvGumy0Y9J_Z00&google_cver=1&google_push=AYg5qPJIcVLXF5lu4rLYJrjjyS4y7KBVSc1UykpwfN2ePIAYE-MT0A9tckttzOXGTNISu2r7GDTyZo2Pbl4eWaPmsw0F29zzOFQs HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJIcVLXF5lu4rLYJrjjyS4y7KBVSc1UykpwfN2ePIAYE-MT0A9tckttzOXGTNISu2r7GDTyZo2Pbl4eWaPmsw0F29zzOFQs&google_hm=

Request Chain 146

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

198 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Redirect Chain

http://sales.ffsice.nl/c4ca4238a0b923820dcc509a6f75849b/4ed33ca5b2831782e481a57b6bf828fc/c062cd9e4fcb75c3da63db867a798566/7516fd43adaa5e0b8a65a672c39845d2
https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

340 KB
44 KB

1224ms
1197ms

Document
text/html

2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.25
Resource Hash: 6756eb6c17e32c0e881b795dca20de2b3bfcb5938d2da9d36a1010ce609a54f0

Request headers

:method: GET
:authority: all-news.co
:scheme: https
:path: /city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.25
cf-edge-cache: cache,platform=wordpress
x-pingback: https://all-news.co/xmlrpc.php
link: <https://all-news.co/wp-json/>; rel="https://api.w.org/" <https://all-news.co/wp-json/wp/v2/posts/3950>; rel="alternate"; type="application/json" <https://all-news.co/?p=3950>; rel=shortlink
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DVXItd6QFT%2BRyYt78kMw5g93YwAl%2FRluedmiWumGrLRy6tAc%2Bp3IE3BClyRRPiPydzsYdgqqusbGbElcS3jCohTTd3wSwXZ3xchcDW0vf6KrgPg%2BhmHtj0YabyTsWpuesreZvwc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66c5ba3adac64e0d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Sat, 10 Jul 2021 00:38:07 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1g
X-Powered-By: PHP/7.2.24
Location: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 style.min.css
all-news.co/wp-includes/css/dist/block-library/ 57 KB
8 KB 21ms
17ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 14:30:28 GMT
server: cloudflare
age: 1882
etag: W/"e33b-5c003b4785ea5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VafZWvHu%2Ft7XlthQK46xec6j3MFGZ%2F5G%2F60Rwfwd%2B97ypkG493OJB0aFY8%2FP%2FknRn149Ed%2F1O%2FddKIKhYPEdSG3nWhAU4qdday3Wl1aeAMtiBMNMh9rz6xmSFnXxGJYr%2FPGT2oQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66c5ba426b934e0d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 cookie-law-info-public.css
all-news.co/wp-content/plugins/cookie-law-info/public/css/ 3 KB
981 B 20ms
17ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.4
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

:path: /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1882
cf-polished: origSize=3109
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 25 Jun 2021 16:45:43 GMT
server: cloudflare
etag: W/"c25-5c599dee3c94b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QEaewg65BLqhBSw5QgsVzbQSJmGJPEnlsJxVu%2BWAklQ3ei5u15NOoxevQSOwdxBHIp9SuvjKV1j3yq%2Bj5Ra6ZOczwn82d8edRDLpNEytJpm%2FQErJYNhbaJqFXiCYJgop8WrYyEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 66c5ba426b944e0d-FRA
cf-bgj: minify

GET
H2 200 cookie-law-info-gdpr.css
all-news.co/wp-content/plugins/cookie-law-info/public/css/ 22 KB
4 KB 16ms
13ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.4
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d641d794ffeb8ab4a93449307f4da1d4cb4a9c7020ad7da4c2f630b03de6d1f7

Request headers

:path: /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1882
cf-polished: origSize=28525
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 25 Jun 2021 16:45:43 GMT
server: cloudflare
etag: W/"6f6d-5c599dee3c94b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3C6CCeIf6fxsMTsPXR1wxDzbk%2FnCfvsc2VNKY1z4C9BFk7q%2FBkfkltdzapM58pd%2B%2Fc0I3fjO%2FUaSin1bC%2B5yPKo21LpbOjrk%2FS8Pu1rJL3zY%2By%2F7vngo7ILSouf7BU0nvTXeAqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 66c5ba426b954e0d-FRA
cf-bgj: minify

GET
H2 200 form-basic.css
all-news.co/wp-content/plugins/mailchimp-for-wp/assets/css/ 2 KB
824 B 14ms
11ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.6
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c518ad5d0adbc0754bac8b71c958312a6bd77d4e318500fec44d929e00f857ec

Request headers

:path: /wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1882
cf-polished: origSize=1682
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 24 Jun 2021 15:50:11 GMT
server: cloudflare
etag: W/"692-5c584fa6bcff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CQfdLVPRCuMB93YiLSC%2FAEVMKwYEGf5YhHnd6DVD04vDuDbvVdEit1%2BzLu%2FiUe%2Fsa3CgkBhkfUVSSip9CLXfW1IEuvp8i6xeiiYyeCZbqfaUTgaySJWTcGjtUTtvSO4cJ7H4ybc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 66c5ba426b964e0d-FRA
cf-bgj: minify

GET
H2 200 style.css
all-news.co/wp-content/plugins/td-newsletter/ 6 KB
2 KB 15ms
12ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-newsletter/style.css?ver=11
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ae14082f4d2088f2bcc4f8e3da3955343dd1e39e0a5f9333c45d6428c3cfc5

Request headers

:path: /wp-content/plugins/td-newsletter/style.css?ver=11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1882
cf-polished: origSize=5831
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 19 Jun 2021 15:29:55 GMT
server: cloudflare
etag: W/"16c7-5c5201cb84492"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iqsw2bFFLHh4ZVQs09aqhEJmQustwH9NBEpF%2BjmJUKoO1E1zJWBTJIA3ywuhu7Qx65VRy1p8aE5gnditdzr7QfRC%2FS%2FYV1HrfRIFiBEz%2FM685o%2FTz%2BAfNi1Ugkc3%2FGJWi8Xf1zM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 66c5ba426b984e0d-FRA
cf-bgj: minify

GET
H2 200 style.css
all-news.co/wp-content/plugins/td-composer/td-multi-purpose/ 36 KB
5 KB 22ms
19ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=978887166a39c57c36d5cf4a5ec10289
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583

Request headers

:path: /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=978887166a39c57c36d5cf4a5ec10289
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1882
cf-polished: origSize=37284
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 19 Jun 2021 15:29:35 GMT
server: cloudflare
etag: W/"91a4-5c5201b905db7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qyY23cNA%2B90yjMG2HCS5hq8pXeBNNOryiYelvjzVr2%2BmVn0wcgB3njbg6HvCyAQeoAiPRXoGl2Wz%2B823arH%2BOEH0Qt3lyquVyEzr%2Bvz82VmmwHgFQ6UNu00xRtVS06oQGp78vVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 66c5ba426b994e0d-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 38ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f89adb807450b421fba04a426e97d1ee2fdd2ec3be9b67c0d9bb8531b782bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Jul 2021 00:38:09 GMT
server: ESF
date: Sat, 10 Jul 2021 00:38:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jul 2021 00:38:09 GMT

GET
H2 200 style.css
all-news.co/wp-content/themes/Newspaper/ 104 KB
18 KB 20ms
18ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6

Request headers

:path: /wp-content/themes/Newspaper/style.css?ver=11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1882
cf-polished: origSize=149057
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 19 Jun 2021 15:29:28 GMT
server: cloudflare
etag: W/"24641-5c5201b25fb08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SFvRr%2BsdTyp9mItSaIrTFGXQjPJph62rgm4QNt0CHPibY4Qig0SXKXvukgI2LQRNTyVD6ZZEPsKb9or7m3Xp4v%2F%2FmyecKpEGcqC6Urm%2BZvfY3bTP6m0Fxnlx4T08fWeh%2FcTJKVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 66c5ba426b9a4e0d-FRA
cf-bgj: minify

GET
H2 200 QoWmwStuyYWa.css
all-news.co/wp-content/uploads/mQfuTlzSXWhq/ 3 KB
998 B 14ms
12ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/uploads/mQfuTlzSXWhq/QoWmwStuyYWa.css?ver=2.2.3
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7da8d792ef771180eef9e592f2a3b5ebcc0f74eea6f5475d1a1e9e5665bb8448

Request headers

:path: /wp-content/uploads/mQfuTlzSXWhq/QoWmwStuyYWa.css?ver=2.2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1882
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 13:36:17 GMT
server: cloudflare
etag: W/"adc-5c0e03ae7e792"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kv0qnpG1PjK%2FIG%2FEBz9XsXksEBTSfyuPLzkR%2F1R1bDiXw2B5kkOZPVzr3IzTdr5KS9I99eRn9qxm%2FmBxP5atyJGaCk297YomgYV4KU1XBMbX%2B2kBISwmxhMBQCSdxzRo5tom%2FSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 66c5ba426b9b4e0d-FRA
cf-bgj: minify

GET
H2 200 td_legacy_main.css
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 125 KB
19 KB 17ms
15ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b515a59174f30fe7c694f1b81a78f567ce671b24988e2e6e737ecaed26871af

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1882
cf-polished: origSize=158728
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 19 Jun 2021 15:29:35 GMT
server: cloudflare
etag: W/"26c08-5c5201b8741a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KZd92XG8%2BO8ftUkJUA7WD6l%2FfwfnNhbqiTaYKtAL1nYE05hIlGPAFH7oJZ6Jpd1UpnhYtck3sOIr8DHjZQrWF8PXZ%2F0ZA2AfbNZmxhatrrl4KJ5VLTMxYVaAqFPS4ld42VP05Sw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 66c5ba426b9c4e0d-FRA
cf-bgj: minify

GET
H2 200 td_standard_pack_main.css
all-news.co/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 569 KB
46 KB 33ms
31ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9aa5e1ff3d260687f7ac21c07b85571f
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6956cbfddf2ce28aee043ecd2b7dbc3ada3954646d7009c6dd1b5ca173f136f9

Request headers

:path: /wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9aa5e1ff3d260687f7ac21c07b85571f
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1882
cf-polished: origSize=732364
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 19 Jun 2021 15:30:00 GMT
server: cloudflare
etag: W/"b2ccc-5c5201d1276ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aIqe4it72%2Ft5MlfetTDXgJnEDNLaWwwhvlPtObzHoSMcWk2Dd8oR5yoeiOwdOh5FRM0OoU62uh0DHiJx%2BNUh52uOwTHjs7BrzaB8AdVee43Lw%2FG41SGWZAlGjug5RRCXrX0D5FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 66c5ba426b9d4e0d-FRA
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
all-news.co/wp-includes/js/jquery/ 87 KB
30 KB 22ms
21ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jan 2021 11:51:38 GMT
server: cloudflare
age: 3573
etag: W/"15d98-5b84e0ffaa786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=htiiGrnfzynzDV1yRSltyOK0URj3vuwEyGEctQPRgAwLr%2B8SHN7mNqfoCrz%2FXZNXcg8ZqwQUlNDTTG1lSFyiq7Tig0JiGLLZo6UqvqD%2BPEDF%2BIXLhH9E%2Bh2jHpIEoGJ7leP3OG0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66c5ba426b9e4e0d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
all-news.co/wp-includes/js/jquery/ 11 KB
4 KB 15ms
14ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jan 2021 11:51:38 GMT
server: cloudflare
age: 3573
etag: W/"2bd8-5b84e0ffba56e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZRZ1LtfSUKnydSum9hA%2B1u%2FKCwf0kfSp5Fasw5%2Fsz%2Bpc1Fr%2FRlYrl8XnOEZ%2FmV2hiHFgrGVx4vnE%2FDVaN32C%2BOWiXoVrYyQOKzTet5srAWP3eIjQSjn9mUhtYFU18jD72dA68Vg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66c5ba426b9f4e0d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 cookie-law-info-public.js Show response
all-news.co/wp-content/plugins/cookie-law-info/public/js/ 28 KB
7 KB 15ms
13ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.4
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f8c9f1c471da8dae19554e26c6c423f31e5e687ea3892e4a73ada4be3179f86

Request headers

:path: /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3573
cf-polished: origSize=36312
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 25 Jun 2021 16:45:43 GMT
server: cloudflare
etag: W/"8dd8-5c599dee3c94b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ddu0n4w2TgRJw%2FmHzGMzojbdD8rGVQf8EuPuZthA1G2C41sMwhYZHUVqe7m5yQjaAorkhp5%2FURYOC3RCmKSwbWqMQsuBLk5TJn79fjx%2FjVFBGqKtqgQN6sUgCNiWndC%2FMsizJVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66c5ba426ba04e0d-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd140742c354c506c7bb90f383e236b9b6886581b286fa810ebdd27540181846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48619
x-xss-protection: 0
server: cafe
etag: 2461876098917531654
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 10 Jul 2021 00:38:09 GMT

GET
H3-29 200 wp-emoji-release.min.js Show response
all-news.co/wp-includes/js/ 14 KB
5 KB 19ms
18ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Feb 2021 02:30:35 GMT
server: cloudflare
age: 3572
etag: W/"3795-5ba797d0ae7be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vo2ZeVi8urkhEXhcujHvDsdzJdX%2F%2B1x2qsKD%2BoCqsNNlbhkfXrSgtimkndpzRjpMmeeKDJYwGIiGhs6NuRxAVfmbonFABAtwUVGTMxYCObxQpPkvfCIhJSmz8vg62Y%2FkUnSOBLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66c5ba42ebbdc277-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 3950-city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott-696x392.com-698723
all-news.co/wp-content/uploads/2021/07/ 56 KB
56 KB 58ms
56ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3950-city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott-696x392.com-698723
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09ce3d921e25bb0b4c0e06a030ffb155623d14d3f444da9b659930f722ab26c9

Request headers

:path: /wp-content/uploads/2021/07/3950-city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott-696x392.com-698723
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jul 2021 23:24:44 GMT
server: cloudflare
etag: "de9b-5c690d7fdbd65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Jc3GXxEbjB1bOki9qy579c%2FzowLb0PS115xS0mb848izs5TdVyYs0XUVfnXXMbPyZqZPJXPudSHe%2FvMb7kR4YflL6AjoqPWHenIM0QPNBlof6CZqtX2ZWSQWKPddlOSI25t7OfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 66c5ba42ebbec277-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 56987

GET
H2 200 mgid:ao:image:mtv.com:698723
mtv.mtvnimages.com/uri/ 2 KB
3 KB 58ms
20ms Image
image/jpeg 2.16.186.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mtv.mtvnimages.com/uri/mgid:ao:image:mtv.com:698723?width=385&height=217&quality=.05&format=jpg

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-200.deploy.static.akamaitechnologies.com

Software

Resource Hash

13fae36d9ba57cad618ea9714aa5b2f21ea59b379ceffa74a646099b898c0792

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 20:52:20 UTC
cid: 9f68706e-fb47-440a-b4e4-ace4bd06f970
etag: "2d3632313335353936383030d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31436239
date: Sat, 10 Jul 2021 00:38:09 GMT
x-status-code: 200
content-length: 2432

GET
H3-29 200 email-decode.min.js Show response
all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
9ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0b2f72bdc00000c27704359000000001
last-modified: Wed, 07 Jul 2021 15:32:55 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60e5c927-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=e9ZdLWFwMNjTnOXa%2BM2WtERBNi4HQgTntBlX4jfTGA10yNlc3OqzOM75L1dQuwqX6gsAqBwOwoGI%2FRk3JOJIB%2BQMP0ljt1jxzTr5RXFCOa70vonQMvst8VUX7iQSxXRaJK%2B%2FBus%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 66c5ba42cb9ec277-FRA
expires: Mon, 12 Jul 2021 00:38:09 GMT

GET
H3-29 200 underscore.min.js Show response
all-news.co/wp-includes/js/ 16 KB
6 KB 32ms
30ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

:path: /wp-includes/js/underscore.min.js?ver=1.8.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 14:30:28 GMT
server: cloudflare
age: 3573
etag: W/"3ead-5c003b4783b7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9Cz1QzqbVknwoh9AMm2fk0nTiApxu66iaXP99ASvuACwSCP2c4GaEnSlGfwXzkg%2BxtVJP%2BDqpyTsZkjPfV9L5BXD%2FfGhswMHijWbmkaurMnVhe%2Fb3%2FD84ERB4m6RfPi9cgn%2BTTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66c5ba42ebb6c277-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 js_posts_autoload.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 14ms
12ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 19 Jun 2021 15:29:42 GMT
server: cloudflare
age: 3572
etag: W/"1428-5c5201c00d31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eSoCBK15aKQ4UcRnFbjZTWYFUeZp6xl8%2BnvliOGxIUK3hMS33gdbEAbMRGAUQC3TzbSpmjIqIqPyQ3CUUnAuu6zX2LyPhBarzHCWkoSG8RvFnurhL%2F3X7%2B6Yw8amzS5iML29p54%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66c5ba42ebb7c277-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 tagdiv_theme.min.js Show response
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/ 257 KB
56 KB 30ms
29ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 19 Jun 2021 15:29:35 GMT
server: cloudflare
age: 3572
etag: W/"4029c-5c5201b875148"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2JWJUxeLWvuEKj9vo4Ie76mN%2Fu3OSfz6RZkMIbOZlL8OkDSSzBFZEFA%2Bw8bJZKstEwjCPYTJ8byMoLq2cFuW0TfiBFiakr46y%2BOR%2FVHUdQAKWjKbuhkMB7Wt9EJ9%2BKXSXHLOxHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66c5ba42ebb8c277-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 comment-reply.min.js Show response
all-news.co/wp-includes/js/ 3 KB
2 KB 20ms
18ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/comment-reply.min.js?ver=5.7.2
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 14:30:28 GMT
server: cloudflare
age: 3572
etag: W/"ba8-5c003b4783f65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1PB9VsZz3gZt%2FabdbV1eIbU3nf0iaUrpdeI0DybEXAr%2BQpiDLQ7KTBtrUfhsF8JDa9JGmLnKo4AS5%2Be80Usgcldes7PPLj1Xx5OP5HqXnoNmKl64giIP%2Bf0%2Ftef0sAVc%2BbeAAhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66c5ba42ebb9c277-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 kddsnszlCWqm.js Show response
all-news.co/wp-content/uploads/mQfuTlzSXWhq/ 14 KB
4 KB 22ms
20ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/uploads/mQfuTlzSXWhq/kddsnszlCWqm.js?ver=2.2.3
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df85aac876d06864d10bb0fc5f45c6fa28870ed4eda966f3082d52e42173d962

Request headers

:path: /wp-content/uploads/mQfuTlzSXWhq/kddsnszlCWqm.js?ver=2.2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3572
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 13:36:17 GMT
server: cloudflare
etag: W/"396a-5c0e03aea02a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1oeWcePmVSq6VOuxx04pVBXOdQRx5QjJoy7OhBWbbDmsrw5WQzrDJk5zKVjYVg8245vp2JNPWa3KZgbGR7paFHqc6BgY0nZbTAd%2BshFAv2tZpSSHTZfuWdElMkbFZx9XwQPyMrE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 66c5ba42ebbac277-FRA
cf-bgj: minify

GET
H3-29 200 js_files_for_front.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 36 KB
8 KB 16ms
14ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15c510fe49c3ec5fd57ac7ead341655699156a63fe10195347dfeae1dc53f909

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 19 Jun 2021 15:29:42 GMT
server: cloudflare
age: 3572
etag: W/"9176-5c5201c00d31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rWhCxc34KDVYnXs1ZUjIyq2WZbBqWWV3exZRz70oF237Jf64Hl%2Fun5ACH9eiSqx6N%2BdWiNlr9of4kPbWrPBRYq43iE9X2kLvYfTgnfPiE06CNRxoPagnCGtK2CmD6mTgMBCJ6FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66c5ba42ebbbc277-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 wp-embed.min.js Show response
all-news.co/wp-includes/js/ 1 KB
1 KB 14ms
13ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Feb 2021 02:30:35 GMT
server: cloudflare
age: 3572
etag: W/"592-5ba797d0ae3d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kto9v23Zr4XkTaooUaH9e4PHVaWtXPYYsmKSOcP87oP%2B4tfSAX5Rpj6CAVzktbMj70WeppUNszy0Bk8i8In2qw1321Z7K4CZg9r%2BofjGhMZZsO96zeHPvgElBlmqhely7WktKw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66c5ba42ebbcc277-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 29ms
12ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.2
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2875
etag: W/"96fc99e13be87550fcfc4474d30d43d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 66c5ba430f744e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 13 Jul 2021 00:38:09 GMT

GET
H2 200 v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR Show response
steadfastsystem.com/ 103 KB
30 KB 241ms
206ms Script
text/javascript 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

1e9f1520d706eaabe98193415871fbc1b8b9816388050c6094fea803fb320544

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "29a35f1452f71e249a143e45bec885b5207e48dfd1ebd37155060c17bf49e059"
vary: Accept-Encoding, Accept-Language
x-hostname: 0586a9fb
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Sat, 10 Jul 2021 00:38:09 GMT
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 4344
date: Fri, 09 Jul 2021 23:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sat, 10 Jul 2021 01:25:45 GMT

GET
H3-29 200 mobile-bg.jpg
all-news.co/wp-content/uploads/2021/01/ 43 KB
43 KB 18ms
18ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/01/mobile-bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a

Request headers

:path: /wp-content/uploads/2021/01/mobile-bg.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6101
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43847
last-modified: Sat, 30 Jan 2021 22:15:34 GMT
server: cloudflare
etag: "ab47-5ba2575ae8adc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UJSjCvmmRQHyuZFPeIqLCwG90MCCRzCrCchN2MdhQw3vEbQSj7IQa%2FtTVtqOhmX08icweBlcA%2FVgznK0w0vy9Z1Mg8QqnvHjmkgNBQPu8Krg%2FO3ZBzcJzj0xZK2qV3dbepRYCYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba42fbc4c277-FRA

GET
H3-29 200 newspaper.woff
all-news.co/wp-content/themes/Newspaper/images/icons/ 24 KB
17 KB 28ms
27ms Font
application/font-woff 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

:path: /wp-content/themes/Newspaper/images/icons/newspaper.woff?19
pragma: no-cache
origin: https://all-news.co
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: all-news.co
referer: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://all-news.co
Referer: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 19 Jun 2021 15:29:28 GMT
server: cloudflare
age: 6101
etag: W/"6120-5c5201b260aa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3FSeWwwx5NhTQRO4%2F0yBVt0RL5sMDEKacmTuR81j1XXYiMiCU1le4n9PTYZOYLGGJILNgg64srN%2BAxrt6gD2nDlXI%2Bn7en1Yz%2B1Hmlbo1Aw67S8lTUOJHXTm4tWTItGZQmpxhEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66c5ba42fbc6c277-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 newspaper-icons.woff
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/ 6 KB
4 KB 28ms
28ms Font
application/font-woff 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
pragma: no-cache
origin: https://all-news.co
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: all-news.co
referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://all-news.co
Referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 19 Jun 2021 15:29:34 GMT
server: cloudflare
age: 6101
etag: W/"1744-5c5201b86b508"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vuQGUeQ6gUMBXdrhek9FaGvrTAkwYV7H6O0OQZZu2YYjPxMvv5qkjX7IDoKUcOIb9%2BO%2FqzultRWG2%2FvREDYc%2FmcEyFBUiETJt86hx78BQlrMxgHsI5J6UasqOnxE3jm7W02qczI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66c5ba42fbc9c277-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
15 KB 25ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 11:17:37 GMT
x-content-type-options: nosniff
age: 307232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 11:17:37 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 19ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 323151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:52:18 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 03:00:34 GMT
x-content-type-options: nosniff
age: 337055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 03:00:34 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 23:06:01 GMT
x-content-type-options: nosniff
age: 351128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 23:06:01 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 01:01:52 GMT
x-content-type-options: nosniff
age: 344177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 01:01:52 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 17:47:08 GMT
x-content-type-options: nosniff
age: 370261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 17:47:08 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 5E74 0
0 45ms
29ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: INDbfz0525QSDxHVbcDVUWqeHeLGrdI+8jUGGIlSdbIwXlMKi4+K1RjftWSU4vf67B3O5riZmf7pMX0kmOOD4w==
content-length: 0
date: Sat, 10 Jul 2021 00:38:09 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 26ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=670992071&t=pageview&_s=1&dl=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&ul=en-us&de=UTF-8&dt=City%20Girls%20Stage%20A%20Twerk%20Takeover%20In%20New%20Video%20Directed%20By%20Missy%20Elliott%20-%20all-news&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=584310157&gjid=1531758524&cid=194994674.1625877489&tid=UA-185019636-1&_gid=1340078391.1625877489&_r=1&_slc=1&z=26026165

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/ 240 KB
89 KB 51ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4119835228203de3978d98f27c2d326dd14f7d0fb412f9a05f4d1589cc83111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91202
x-xss-protection: 0
server: cafe
etag: 7944902488587866712
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Jul 2021 00:38:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/ Frame 0F9B 10 KB
5 KB 31ms
8ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210701/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Jul 2021 22:29:07 GMT
expires: Fri, 23 Jul 2021 22:29:07 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 7742
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
457 B 44ms
16ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-185019636-1&cid=194994674.1625877489&jid=584310157&gjid=1531758524&_gid=1340078391.1625877489&_u=IEBAAEAAAAAAAC~&z=720615079

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 10 Jul 2021 00:38:09 GMT
content-type: text/plain
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 footer_bg.jpg
all-news.co/wp-content/uploads/2021/01/ 105 KB
105 KB 15ms
14ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/01/footer_bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a

Request headers

:path: /wp-content/uploads/2021/01/footer_bg.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6100
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 107441
last-modified: Sat, 30 Jan 2021 22:15:20 GMT
server: cloudflare
etag: "1a3b1-5ba2574d2c0a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sqxpthmhMSAYhGEBYTaUFxOALmNqIbtma4DBFzZllM4Cz%2BFeNoVvmVDDYjTFNuuKgq71CNG%2FGlbAOKMg9q7uwCHfJIVqfyJpi0NvzfZ0DmrEf5Uy490SbScOInwjsltbV5EPQqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba458daec277-FRA

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
259 B 97ms
29ms Image
image/gif 3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-250-250-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: nginx/1.16.1
age: 10145466
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
655 B 65ms
39ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=all-news.co&callback=_gfp_s_&client=ca-pub-8439024877331049

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4fdc0e267377c023b5e6139205779ef920e3571c8f6c9abbb6a27ec03f705ea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 37ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F6E2 20 KB
1 KB 68ms
53ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1625877489&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489441&bpp=3&bdt=425&idt=192&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=172693140925&frm=20&pv=2&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=205

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b83b010a2ede2ec516782f8671f1918fe5d3a828dfd9616280cd4e6646a8452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1625877489&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489441&bpp=3&bdt=425&idt=192&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=172693140925&frm=20&pv=2&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=205
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 00:38:09 GMT
server: cafe
content-length: 1290
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Jul-2021 00:53:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 00:38:09 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830134516437"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27897
x-xss-protection: 0
expires: Sat, 10 Jul 2021 00:38:09 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7F72 69 KB
23 KB 498ms
497ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489444&bpp=2&bdt=428&idt=219&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=279oV9EjwM&p=https%3A//all-news.co&dtd=225

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8095175e1bca82af9104a2088aed993bdd8f3ad349136060954b6f6206140a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489444&bpp=2&bdt=428&idt=219&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=279oV9EjwM&p=https%3A//all-news.co&dtd=225
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 00:38:10 GMT
server: cafe
content-length: 23798
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Jul-2021 00:53:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 00:38:10 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3819 69 KB
25 KB 249ms
249ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489446&bpp=3&bdt=430&idt=232&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=B1K7VdKyHC&p=https%3A//all-news.co&dtd=236

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad62f6617623b2d97acafd1ff1860113f58fe4e10437fbcea14bb2ede2c24564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489446&bpp=3&bdt=430&idt=232&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=B1K7VdKyHC&p=https%3A//all-news.co&dtd=236
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 00:38:09 GMT
server: cafe
content-length: 25994
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Jul-2021 00:53:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 00:38:09 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 32D9 70 KB
23 KB 292ms
291ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=6103665698&adk=1395125190&adf=3023380478&pi=t.ma~as.6103665698&w=696&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489449&bpp=1&bdt=433&idt=236&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=xyaMo5P1Au&p=https%3A//all-news.co&dtd=241

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4f7971df36643be1bb00f885786ecf067ba953ca020e2d158efcb9e82f55a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=6103665698&adk=1395125190&adf=3023380478&pi=t.ma~as.6103665698&w=696&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489449&bpp=1&bdt=433&idt=236&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=xyaMo5P1Au&p=https%3A//all-news.co&dtd=241
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 00:38:09 GMT
server: cafe
content-length: 23988
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Jul-2021 00:53:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 00:38:09 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8CF4 109 KB
35 KB 583ms
582ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=3117778216&adf=3437838863&pi=t.ma~as.9785579158&w=324&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489497&bpp=15&bdt=481&idt=218&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=yK4gmMM5Rx&p=https%3A//all-news.co&dtd=222

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae3c6bf322cea59b7a45174d504662f0e75d94787a9fe0a3014d92d5485c701a

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzG5dGh1_ECFTDYEQgd55wHag&gqi=8evoYNzBLIe4x_APjI-rwAw&layout=/sadbundle/%24csp%253Der3%24/16215012808405873833/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=3117778216&adf=3437838863&pi=t.ma~as.9785579158&w=324&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489497&bpp=15&bdt=481&idt=218&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=yK4gmMM5Rx&p=https%3A//all-news.co&dtd=222
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzG5dGh1_ECFTDYEQgd55wHag&gqi=8evoYNzBLIe4x_APjI-rwAw&layout=/sadbundle/%24csp%253Der3%24/16215012808405873833/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 00:38:10 GMT
server: cafe
content-length: 35725
x-xss-protection: 0
set-cookie: IDE=AHWqTUlUYX4gS9WanmqSMExbE7tOAUdrfXrw_KZkIPkzTGOYo2zzs7gqEDcIQOIdYsk; expires=Thu, 04-Aug-2022 00:38:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 00:38:10 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2807 61 KB
24 KB 433ms
433ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1576612686&adf=3695330392&pi=t.aa~a.2652133880~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250&nras=2&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=LvsBBbKpzG&p=https%3A//all-news.co&dtd=15

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

395ca62cba27622e3fef1b659643f08356d6e0719db121805ceaa84ab9512dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1576612686&adf=3695330392&pi=t.aa~a.2652133880~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250&nras=2&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=LvsBBbKpzG&p=https%3A//all-news.co&dtd=15
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 00:38:10 GMT
server: cafe
content-length: 24383
x-xss-protection: 0
set-cookie: IDE=AHWqTUm-U8hnKF5xsOHGOjme8YWUyjgNaxW52vT3u-F08nOEs8RHY1lb-FQf2g6U9DY; expires=Thu, 04-Aug-2022 00:38:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 00:38:10 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 28E7 16 KB
7 KB 191ms
190ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&adk=3783568413&adf=470541226&pi=t.aa~a.4009549588~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x90&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250%2C1200x280&nras=3&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=RioE3Walc6&p=https%3A//all-news.co&dtd=18

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

246e451f75df33e66982087689694fbb4b287455a062ed81152bedcfe48e474b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&adk=3783568413&adf=470541226&pi=t.aa~a.4009549588~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x90&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250%2C1200x280&nras=3&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=RioE3Walc6&p=https%3A//all-news.co&dtd=18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Jul 2021 00:38:09 GMT
server: cafe
content-length: 7361
x-xss-protection: 0
set-cookie: IDE=AHWqTUnJGH57xvFs4CXMj7MFnsciGNLuIDsMiPt4nNGtaeybVct-u_dgzMTJ6gZ0At4; expires=Thu, 04-Aug-2022 00:38:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 00:38:09 GMT
cache-control: private

GET
H2 200 13464098357225506922
tpc.googlesyndication.com/simgad/ Frame 3819 93 KB
93 KB 32ms
11ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13464098357225506922?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qln7aQG6Uy7H6ahmSIzIdWo8_SKbQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489446&bpp=3&bdt=430&idt=232&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=B1K7VdKyHC&p=https%3A//all-news.co&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

601c294da3882446ada5fa6863efbe5005f86f3a1180ac8584d37ae387f76777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 23:27:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 14:40:30 GMT
server: sffe
age: 349860
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95246
x-xss-protection: 0
expires: Tue, 05 Jul 2022 23:27:09 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/ Frame 3819 17 KB
7 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:24:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 3819 3 KB
1 KB 28ms
11ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:32:14 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3819 123 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sat, 10 Jul 2021 00:38:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 3819 14 KB
6 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:36:25 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 3819 26 KB
11 KB 39ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b35e873b9db413a09f24235dd3be68816999fc978a0bacf7b0ad5ee20947a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 14:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34894
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10743
x-xss-protection: 0
server: cafe
etag: 12938648275481418145
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Jul 2021 14:56:35 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3819 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXEom8evoYPPuKr3Hx_APo92YsASR6qeHY7jVzbzFDa3K_d8FEAEgzNPsggFglQKgAZKZq_wCyAECqAMByAPJBKoEkwJP0F9XF0ivv50e4dK7paYmhMKsgm8YGiGxFXQdITLp0vhmq9jPlDVcI3d5U_ySs7LrkoLcv6pqlXW-t-euHc1XMh7alFVPw1GfRr1vh7RC5vgg_Jn5CHGhxIXsQ_srTf7x7dOVOSbeHcUgteveJfcD9uZQViDqL9xetswxZe5Ryx7yfqBHuZA9z2f-1EgtrI4g0yUq_gAMjWKEzKyh4PGTGJ1doE-iil4NT4wwIVVvMElfguXhm7ls0P6BF6blEKURehVPsHOFlcS8eSFw2JjInfcWWY3rVnNdYR4WhM6HG1Xcu2HPdD0PlWMuXS0XYiIMlGnByYJ8g9upq8oldo9JpINKk4FXk049NrfX1BbZfKay3cAEyNvNlNsDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB9bm1IMBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJ-tDNIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5&sigh=LHwZlgygGnI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489446&bpp=3&bdt=430&idt=232&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=B1K7VdKyHC&p=https%3A//all-news.co&dtd=236
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Jul 2021 00:38:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Jul 2021 00:38:09 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 189A 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C50WA8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSRAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XilECnax6OemA91n9KTnM1XsBIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTg0MzkwMjQ4NzczMzEwNDk&sigh=qsEdzCmZn_s

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&adk=3783568413&adf=470541226&pi=t.aa~a.4009549588~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x90&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250%2C1200x280&nras=3&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=RioE3Walc6&p=https%3A//all-news.co&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Jul 2021 00:38:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 189A 0
0 39ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hkhwxtca6j84jgk4fnh0k3yjz5jg4acez5wk7fffq6ch45s2eqt52qhqvgmyff6d44kcas0mbbj410nzhx8vd4ryqnye11wdqw5xnd5pyc2wsbprcdvdmgcyjnb544b0b8x2nwkcpfnp4gyn6cgpfsz4mncfnm4mksrna5gc506f9vwhw35c1yerbvp4v2sb6p7ckv94azkagp9fkbw030075kmfnptssg0wq1hbr7fnej1knzaqaxpc7cftrk3ba5vt8ym7e32vvvdxa0rva7na26h1mbjm9ajzbjpg7bz98ef40h8f0cx9176s3a5aevb2a7qg4bpwt4rmf7j007sbs9ftphnakrj165ba98j1c77v8rdw08x5marpxh5z7wv6aqs&b=YOjr8QAMDSYK4DkVAA-dpOvfQ9pDCQhs3Hmrng
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 10 Jul 2021 00:38:10 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 137F 2 KB
2 KB 43ms
21ms Document
text/html 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1gqmhtq39hfx98q7pff51e99vr2xa0q5s3ce8pnv4bp2h0jk08f518nerfg29xv9142v19b5jpvt89a5w90vderb38nkfgtjj11sxg50rv5404157826w3qcrm5ck8zz1whj8nm1cxq04qzqaaaypfebk0wvvfhvybfzspg311xxb4mgt828shap1jq6nqs790cvznjdtegj7yn1a8w52cjg2t197p6kc7xbxzb535xydxgj5z967jpvx4yvc4z17p7ka5rzjfb8rmp9mbzjzp741094xmraqcaep8xh6hwxn4b59esv9ve8t1fys2nf157mxh36xmfpy25gpgjmx0z48ywy70dbsfqq3k2hg9p8echyqmfh617rmpkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%26client%3Dca-pub-8439024877331049%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&adk=3783568413&adf=470541226&pi=t.aa~a.4009549588~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x90&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250%2C1200x280&nras=3&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=RioE3Walc6&p=https%3A//all-news.co&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c149d19d7959788fd893eb8ea61ded909dbd0ec5fc4a29d530c7a6920b2bdb7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1gqmhtq39hfx98q7pff51e99vr2xa0q5s3ce8pnv4bp2h0jk08f518nerfg29xv9142v19b5jpvt89a5w90vderb38nkfgtjj11sxg50rv5404157826w3qcrm5ck8zz1whj8nm1cxq04qzqaaaypfebk0wvvfhvybfzspg311xxb4mgt828shap1jq6nqs790cvznjdtegj7yn1a8w52cjg2t197p6kc7xbxzb535xydxgj5z967jpvx4yvc4z17p7ka5rzjfb8rmp9mbzjzp741094xmraqcaep8xh6hwxn4b59esv9ve8t1fys2nf157mxh36xmfpy25gpgjmx0z48ywy70dbsfqq3k2hg9p8echyqmfh617rmpkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%26client%3Dca-pub-8439024877331049%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 10 Jul 2021 00:38:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c5ba487fc82c19-FRA
content-encoding: br

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 189A 3 KB
1 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:32:14 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 50EC 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Jul 2021 11:56:19 GMT
expires: Sat, 10 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 45710
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 189A 123 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sat, 10 Jul 2021 00:38:09 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 189A 14 KB
6 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:36:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 189A 0
0 35ms
16ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDgrq_K1jTdjpvwRnUEPXbx4Fur-gNM8M5TLXONJPha4X0ijuNhz2zw0WCrARceiBGIA9OPvvwaL0D0IgDG4UI-u1fRQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&adk=3783568413&adf=470541226&pi=t.aa~a.4009549588~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x90&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250%2C1200x280&nras=3&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=RioE3Walc6&p=https%3A//all-news.co&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6BD8 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489446&bpp=3&bdt=430&idt=232&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=B1K7VdKyHC&p=https%3A//all-news.co&dtd=236
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnJGH57xvFs4CXMj7MFnsciGNLuIDsMiPt4nNGtaeybVct-u_dgzMTJ6gZ0At4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489446&bpp=3&bdt=430&idt=232&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=B1K7VdKyHC&p=https%3A//all-news.co&dtd=236

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 09 Jul 2021 23:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3819 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b72bf17f18ebe2d0f8f2125330e558b082b2455ed9c0a0e3c9a00376e43af17a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 189A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74e8d264c2f115d03c3fdb8b43ef4ca5b993249b44373497d83cebbae4b32e78

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 32D9 4 KB
617 B 28ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=6103665698&adk=1395125190&adf=3023380478&pi=t.ma~as.6103665698&w=696&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489449&bpp=1&bdt=433&idt=236&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=xyaMo5P1Au&p=https%3A//all-news.co&dtd=241

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Jul 2021 23:06:05 GMT
server: ESF
date: Sat, 10 Jul 2021 00:38:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jul 2021 00:38:10 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 32D9 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:34:40 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/ Frame 32D9 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:24:15 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 32D9 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:32:14 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 32D9 123 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:10 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sat, 10 Jul 2021 00:38:10 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 32D9 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:36:25 GMT

GET
H2 200 a419caddb94ba229832f3cb0e96cc3a1.js Show response
www.gstatic.com/mysidia/ Frame 32D9 26 KB
11 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a419caddb94ba229832f3cb0e96cc3a1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1608463daf92a71b2a1c6ee7042cc0a1b6bf99f1a1816787c554536948a50ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 09:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10765
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 01:32:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Oct 2021 09:28:35 GMT

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 137F 58 KB
7 KB 31ms
19ms Stylesheet
text/css 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gqmhtq39hfx98q7pff51e99vr2xa0q5s3ce8pnv4bp2h0jk08f518nerfg29xv9142v19b5jpvt89a5w90vderb38nkfgtjj11sxg50rv5404157826w3qcrm5ck8zz1whj8nm1cxq04qzqaaaypfebk0wvvfhvybfzspg311xxb4mgt828shap1jq6nqs790cvznjdtegj7yn1a8w52cjg2t197p6kc7xbxzb535xydxgj5z967jpvx4yvc4z17p7ka5rzjfb8rmp9mbzjzp741094xmraqcaep8xh6hwxn4b59esv9ve8t1fys2nf157mxh36xmfpy25gpgjmx0z48ywy70dbsfqq3k2hg9p8echyqmfh617rmpkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gqmhtq39hfx98q7pff51e99vr2xa0q5s3ce8pnv4bp2h0jk08f518nerfg29xv9142v19b5jpvt89a5w90vderb38nkfgtjj11sxg50rv5404157826w3qcrm5ck8zz1whj8nm1cxq04qzqaaaypfebk0wvvfhvybfzspg311xxb4mgt828shap1jq6nqs790cvznjdtegj7yn1a8w52cjg2t197p6kc7xbxzb535xydxgj5z967jpvx4yvc4z17p7ka5rzjfb8rmp9mbzjzp741094xmraqcaep8xh6hwxn4b59esv9ve8t1fys2nf157mxh36xmfpy25gpgjmx0z48ywy70dbsfqq3k2hg9p8echyqmfh617rmpkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Sat, 10 Jul 2021 00:38:10 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1001152
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6688
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Sn0Myquoyj5xuC%2BXe3dQP0ckj4%2BVNVJkDx0KhtbaeSqSmhv%2B5LWvcE5wLfWZHspS0miBNueMVxKnIK8a60SuxC%2FKEWX6cDR3izeyqAcTUAKU2ZzudWgZ%2BAqTxK%2BnZyj6"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 66c5ba493edc2bf2-FRA
expires: Tue, 28 Jun 2022 10:32:18 GMT

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 137F 36 KB
12 KB 39ms
28ms Script
application/javascript 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gqmhtq39hfx98q7pff51e99vr2xa0q5s3ce8pnv4bp2h0jk08f518nerfg29xv9142v19b5jpvt89a5w90vderb38nkfgtjj11sxg50rv5404157826w3qcrm5ck8zz1whj8nm1cxq04qzqaaaypfebk0wvvfhvybfzspg311xxb4mgt828shap1jq6nqs790cvznjdtegj7yn1a8w52cjg2t197p6kc7xbxzb535xydxgj5z967jpvx4yvc4z17p7ka5rzjfb8rmp9mbzjzp741094xmraqcaep8xh6hwxn4b59esv9ve8t1fys2nf157mxh36xmfpy25gpgjmx0z48ywy70dbsfqq3k2hg9p8echyqmfh617rmpkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gqmhtq39hfx98q7pff51e99vr2xa0q5s3ce8pnv4bp2h0jk08f518nerfg29xv9142v19b5jpvt89a5w90vderb38nkfgtjj11sxg50rv5404157826w3qcrm5ck8zz1whj8nm1cxq04qzqaaaypfebk0wvvfhvybfzspg311xxb4mgt828shap1jq6nqs790cvznjdtegj7yn1a8w52cjg2t197p6kc7xbxzb535xydxgj5z967jpvx4yvc4z17p7ka5rzjfb8rmp9mbzjzp741094xmraqcaep8xh6hwxn4b59esv9ve8t1fys2nf157mxh36xmfpy25gpgjmx0z48ywy70dbsfqq3k2hg9p8echyqmfh617rmpkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA==
date: Sat, 10 Jul 2021 00:38:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 44936
x-guploader-uploadid: ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:08:33 GMT
server: cloudflare
etag: W/"ff92efa079e8c446e6e02ffafd7c9154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aLB40atBSmzTuoJYZS%2BkqX8l1arW6hTKLcNdu%2FfLBzuf3XU0M3LPFcPohYVtJtc9VwKMSzYsUR4A3Jh30aaXcNvza883TaM%2FGF%2FwgXuslUKdQ8py9JEN0%2FdvoCJ5vG2P"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672513020985
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11953
cf-ray: 66c5ba493edd2bf2-FRA
expires: Fri, 09 Jul 2021 12:09:14 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2964954171535884304/ Frame 32D9 15 KB
15 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2964954171535884304/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4776ac2e39935200633f4cd6e1cc8160522b0582e48f0df68af98e49789b828d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 13:07:29 GMT
x-content-type-options: nosniff
age: 300641
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15782
x-xss-protection: 0
last-modified: Thu, 04 Apr 2019 15:33:39 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 13:07:29 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 32D9 0
0 42ms
41ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqIEw8evoYIqkK4Wvx_AP6sKdgAvr27rKY7j5l4e1DtrZHhABIMzT7IIBYJUCoAGl4fS3A8gBBqkCfdE7r2Xrsz6oAwHIA8sEqgSUAk_Q9OgHvt32-SH4978uCQL4o6gI3Sqfuj2VnoIDyy00CpE57SqWZDKgyBboqGT0WGQCm7UWH4FtFzbdjKjksFRKzqeET2aoDsFpoXpaEzMwcTZ-zz21Be5NlqDRfpFz1vQVrAnCY84nXI6JuMRy2KY4w-rBVuPiKg53Dj54SaGPoMs0A5tj0rUItXREdpGVCSCL3dLPJyeR9EVcNOqlAaBbkmN_qp2V0p8LyvdT9Cym8SEnmF5FQxOYoGvQM8cxx-um3BsMODHfarpvxnz6J4CwLcVvyJo4nBvNvJbnCPZlqZgNlshzug5Hhf96pmuuuF4nYNQTdvWccG01N_TeREuslDxey0rKr2lpbCfzoWmVyDE6qMAE54TE69EDkgUECAQYAZIFBAgFGASgBjeAB8Oei0ioB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQwpoJ0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTg0MzkwMjQ4NzczMzEwNDk&sigh=9oqjg0iOCUU&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=6103665698&adk=1395125190&adf=3023380478&pi=t.ma~as.6103665698&w=696&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489449&bpp=1&bdt=433&idt=236&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=xyaMo5P1Au&p=https%3A//all-news.co&dtd=241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Jul 2021 00:38:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 50EC 35 B
463 B 360ms
19ms Image
image/gif 91.228.74.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOrzwKaZTRN7SsCfUSbcYcY&google_cver=1&google_push=AYg5qPL0xTBmDJtmolZPRfpOO0Oev7xOGB3D-JFUgbpEVW4jZJXWzKysH2deuMkNnh-f1vISpMAEnM4WrxwUSGzxVo9rzbAh3hxK

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.198 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 50EC
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPII8No7...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPII8No7...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMDM4MTAwMDAxMDY5MDgxNTAwMQ%3D%3D&google_push=AYg5qPII8No7w11g_P4UPMYvBkxvhKy0T2D54ADSBKXuHe_hiwSKe3Z1HQwERVHcJxwPUy...

170 B
188 B

18ms
16ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMDM4MTAwMDAxMDY5MDgxNTAwMQ%3D%3D&google_push=AYg5qPII8No7w11g_P4UPMYvBkxvhKy0T2D54ADSBKXuHe_hiwSKe3Z1HQwERVHcJxwPUyKX1NG7DavLSlX-UDpbDXH2wy9SlFs

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MTAwMDM4MTAwMDAxMDY5MDgxNTAwMQ%3D%3D&google_push=AYg5qPII8No7w11g_P4UPMYvBkxvhKy0T2D54ADSBKXuHe_hiwSKe3Z1HQwERVHcJxwPUyKX1NG7DavLSlX-UDpbDXH2wy9SlFs
pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 10 Jul 2021 00:38:10 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 50EC 43 B
324 B 36ms
17ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPzBvH4L-MLdEtDeP_86cQM&google_push=AYg5qPKYbNLoaFWRQMrwheQ0jG-Na-9EKC3EnkQy2mnVJblBCjE-BWwgolnG3snqvsXDoKZBkkLZEXlvlLpcgRMRkSgUX8uH9Uk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&adk=3783568413&adf=470541226&pi=t.aa~a.4009549588~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x90&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250%2C1200x280&nras=3&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=RioE3Walc6&p=https%3A//all-news.co&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 50EC
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEFBwjoen0qjB0TBQkpaO4u0&google_cver=1&google_push=AYg5qPLkQO6bEkc3vvGv-0aj67aQ_DtlwC7_ujiij-zttJaFAA9kRzRuW5yMjWv8Nwt-u6tn9Bn2VN5efSzUXceFVaGjZ4JSSsp8
https://rtb.openx.net/sync/dds?google_gid=CAESEFBwjoen0qjB0TBQkpaO4u0&google_cver=1&google_push=AYg5qPLkQO6bEkc3vvGv-0aj67aQ_DtlwC7_ujiij-zttJaFAA9kRzRuW5yMjWv8Nwt-u6tn9Bn2VN5efSzUXceFVaGjZ4JSSsp8&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLkQO6bEkc3vvGv-0aj67aQ_DtlwC7_ujiij-zttJaFAA9kRzRuW5yMjWv8Nwt-u6tn9Bn2VN5efSzUXceFVaGjZ4JSSsp8&google_hm=OCJtdUmezskZ_TqoCF2pgg==

170 B
188 B

30ms
16ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLkQO6bEkc3vvGv-0aj67aQ_DtlwC7_ujiij-zttJaFAA9kRzRuW5yMjWv8Nwt-u6tn9Bn2VN5efSzUXceFVaGjZ4JSSsp8&google_hm=OCJtdUmezskZ_TqoCF2pgg==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLkQO6bEkc3vvGv-0aj67aQ_DtlwC7_ujiij-zttJaFAA9kRzRuW5yMjWv8Nwt-u6tn9Bn2VN5efSzUXceFVaGjZ4JSSsp8&google_hm=OCJtdUmezskZ_TqoCF2pgg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: bf0hib6mftt6c39cqn747st0gkfc4vb3

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 50EC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jHO5gSdbSR6jWhLh0MOBPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

16ms
16ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jHO5gSdbSR6jWhLh0MOBPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOhkiF9-K6ASoSOJIZN7BfLDakmA6CIdVpY--H6Dip5QDNYIUaahHX0xo1kDqdaFcs6zsqZNd5Zwpm6R5X6NyOdHACeW5m

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jHO5gSdbSR6jWhLh0MOBPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOhkiF9-K6ASoSOJIZN7BfLDakmA6CIdVpY--H6Dip5QDNYIUaahHX0xo1kDqdaFcs6zsqZNd5Zwpm6R5X6NyOdHACeW5m
date: Sat, 10 Jul 2021 00:38:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 50EC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHYzGWPMjjrlQbJtQC55Bt4&google_cver=1&google_push=AYg5qPIwu6IsHzlqP_CE6Fe42vTjxSuoKi8vjftzrWzbtFjsHWKjnIEBOy0WAbLwDklI_a24btc...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYMUg4R1gtTy1IU0Yz&google_push=AYg5qPIwu6IsHzlqP_CE6Fe42vTjxSuoKi8vjftzrWzbtFjsHWKjnIEBOy0WAbLwDklI_a24btchOkQ1_ZL-xKsT6TU0XwOBh6bc

170 B
188 B

17ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYMUg4R1gtTy1IU0Yz&google_push=AYg5qPIwu6IsHzlqP_CE6Fe42vTjxSuoKi8vjftzrWzbtFjsHWKjnIEBOy0WAbLwDklI_a24btchOkQ1_ZL-xKsT6TU0XwOBh6bc

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FYMUg4R1gtTy1IU0Yz&google_push=AYg5qPIwu6IsHzlqP_CE6Fe42vTjxSuoKi8vjftzrWzbtFjsHWKjnIEBOy0WAbLwDklI_a24btchOkQ1_ZL-xKsT6TU0XwOBh6bc
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 50EC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfo...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 50EC 0
253 B 41ms
14ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3bucG-9e-ucDuYmw6TxLdneL5XSMA6hbfMMOEHe-P3pG3bP8v0_Tc1pcDD9WoB4349Kmb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6BD8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmD7grPD39g6V589g2tMFtpClo55tZoWJK1J0oqSEJ-rKo_Lw0g-Jy3swRErhg; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Jul 2021 00:38:10 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 10-Jul-2021 01:38:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 00:38:10 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Jul 2021 00:38:10 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 32D9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c862613850a35b65f2dc67dffef14b86f931893424e2a584547b02ab7355926

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B63 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 11:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 133820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 11:27:50 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 32D9 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 323152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:52:18 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 32D9 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 17:47:08 GMT
x-content-type-options: nosniff
age: 370262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 17:47:08 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 137F 3 KB
4 KB 31ms
13ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sat, 10 Jul 2021 00:38:10 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2635108
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AfODSLYxFSj0iExIzHz2%2BTWYCxViltC03AIYK7dv%2BLaxtNZ9ayXl6pcz186Bdh5apqPOnye3IsgBVQP1s7QHvtF0wgXNDUtIsPjGVxi5ftqmXPN1voPHeMt4wJWh6M3Mmr0BatfrUlIRNlTb0qA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 66c5ba49cc2bd711-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 1112 2 KB
2 KB 18ms
17ms Document
text/html 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1gqmhtq39hfx98q7pff51e99vr2xa0q5s3ce8pnv4bp2h0jk08f518nerfg29xv9142v19b5jpvt89a5w90vderb38nkfgtjj11sxg50rv5404157826w3qcrm5ck8zz1whj8nm1cxq04qzqaaaypfebk0wvvfhvybfzspg311xxb4mgt828shap1jq6nqs790cvznjdtegj7yn1a8w52cjg2t197p6kc7xbxzb535xydxgj5z967jpvx4yvc4z17p7ka5rzjfb8rmp9mbzjzp741094xmraqcaep8xh6hwxn4b59esv9ve8t1fys2nf157mxh36xmfpy25gpgjmx0z48ywy70dbsfqq3k2hg9p8echyqmfh617rmpkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%26client%3Dca-pub-8439024877331049%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1gqmhtq39hfx98q7pff51e99vr2xa0q5s3ce8pnv4bp2h0jk08f518nerfg29xv9142v19b5jpvt89a5w90vderb38nkfgtjj11sxg50rv5404157826w3qcrm5ck8zz1whj8nm1cxq04qzqaaaypfebk0wvvfhvybfzspg311xxb4mgt828shap1jq6nqs790cvznjdtegj7yn1a8w52cjg2t197p6kc7xbxzb535xydxgj5z967jpvx4yvc4z17p7ka5rzjfb8rmp9mbzjzp741094xmraqcaep8xh6hwxn4b59esv9ve8t1fys2nf157mxh36xmfpy25gpgjmx0z48ywy70dbsfqq3k2hg9p8echyqmfh617rmpkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%26client%3Dca-pub-8439024877331049%26adurl%3D

Response headers

date: Sat, 10 Jul 2021 00:38:10 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 10 Jul 2021 01:38:10 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1395733
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=10hcxqkmDrA0Y%2F1tIvxbN4tm9%2F0H%2BPgBVJhLGaivlk0WUJeTprhvNdHm6Ud37Iktm5UFWBpf3kjBxZ4ATVvzel%2FXlCMXccyYX6%2FwhrUxmoe5zfWA0Ze1d4lG62QS7%2B3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 66c5ba49cf632bf2-FRA
content-encoding: br

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 224B 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 11:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 133820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 11:27:50 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 7F72 4 KB
617 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489444&bpp=2&bdt=428&idt=219&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=279oV9EjwM&p=https%3A//all-news.co&dtd=225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Jul 2021 23:13:43 GMT
server: ESF
date: Sat, 10 Jul 2021 00:38:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jul 2021 00:38:10 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 7F72 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:34:40 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/ Frame 7F72 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:24:15 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 7F72 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:32:14 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F72 123 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:10 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sat, 10 Jul 2021 00:38:10 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 7F72 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:36:25 GMT

GET
H3-29 200 a419caddb94ba229832f3cb0e96cc3a1.js Show response
www.gstatic.com/mysidia/ Frame 7F72 26 KB
11 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a419caddb94ba229832f3cb0e96cc3a1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1608463daf92a71b2a1c6ee7042cc0a1b6bf99f1a1816787c554536948a50ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 09:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10765
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 01:32:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Oct 2021 09:28:35 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/18335350982803121464/ Frame 7F72 12 KB
12 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18335350982803121464/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

370cfc3b0c6fb7160b86add0e63b628f71a7cea2285f492acc389d9e9f62f8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 07:43:43 GMT
x-content-type-options: nosniff
age: 320067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12751
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 18:19:09 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 07:43:43 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7F72 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8Cjc8evoYPv5KZry-gbi7LGgCtnDnMhjsLKp1dYNtYqT3vglEAEgzNPsggFglQKgAfHntKwByAEGqQK3zvaIH-6zPqgDAcgDywSqBJgCT9A9JHbrXdNfHsKkDmOuRl9umzONpDp1G2O-L7veVjVNP8yjeuJjIF_DQRmLmxC1Jf7qYydslFEtbWCLB5ZBFVDcukLXluaIYa9qu8lI46j13eFjBjTLr66pq_OHLskkf-6ZdQJkCnDzEyRqWDf9wKEQ6F5caUUgEWKQXYO9l1v83Ygy3FtNTPrjcmNVshBN-v3JRRwU8bc9N6Ei-2EWUu5d5mDhTQRNXdi6qo7dxQkwJRFXhUH4t0BAb1aJp2ZjCOZ7abt4Rnz5GgdLnVpRMKXsn2MUJN2UXMFJ1bz_i3eHIk4YUW0klQk4Gi5VvyP1XtVqKiREXj97_NX5XkpR4tc4F0u1b3V97SXozz6eQACVAUVi_NgkUMAEh9qL1dYDkgUECAQYAZIFBAgFGASgBjeAB_eXy9MCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEKbrB9IICQiA4YAQEAEYH4AKAcgLAdgTDYgUBNAVAYAXAbIXGgoYCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5&sigh=95PBenPXW1Q&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1625877489&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489444&bpp=2&bdt=428&idt=219&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=279oV9EjwM&p=https%3A//all-news.co&dtd=225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Jul 2021 00:38:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 4038989640693180087
tpc.googlesyndication.com/simgad/ Frame 2807 76 KB
76 KB 7ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4038989640693180087?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlQk_i4tOhyfyC9mddyhnTEofhSEw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1576612686&adf=3695330392&pi=t.aa~a.2652133880~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250&nras=2&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=LvsBBbKpzG&p=https%3A//all-news.co&dtd=15

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c7212646f9d60bab57869985dbc5f3612f965fc6e7bbea778f6c783851b2baa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 08:28:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Jul 2021 14:15:05 GMT
server: sffe
age: 317393
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77613
x-xss-protection: 0
expires: Wed, 06 Jul 2022 08:28:17 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/ Frame 2807 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:24:15 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 2807 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:32:14 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2807 123 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:10 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sat, 10 Jul 2021 00:38:10 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 2807 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:36:25 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 2807 0
0 14ms
13ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqUOaaKXKuKX6N6BCC-Qgej6YUBjWgv57qH-W8Azr3MHM56jwnTRDR7rpqttJ9gFRz5YoZ7B8jdfj0tB-SEMhcv4xQSw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1576612686&adf=3695330392&pi=t.aa~a.2652133880~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250&nras=2&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=LvsBBbKpzG&p=https%3A//all-news.co&dtd=15
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 2807 26 KB
11 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b35e873b9db413a09f24235dd3be68816999fc978a0bacf7b0ad5ee20947a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 14:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10743
x-xss-protection: 0
server: cafe
etag: 12938648275481418145
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Jul 2021 14:56:35 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2807 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMkND8evoYMruL4KKx_APxbegmAuAgK_IY9HC3veNDtrZHhABIMzT7IIBYJUCyAECqQJ90TuvZeuzPqgDAcgDyQSqBJUCT9Ay-mE70WEc72q32n5KZbcapFTx_NV0N9mopIoP3vT03ik_nXhTYA3Tdl4WjyMds4H1LhAW82Is16h5sRPNdmT8X3koxenUW3b5ESz-G3TmRvWcC6J9pndeyEHMGC3VvzoWPgugtW-2soq2LaHeBBlOdVD2QgCy3aV5sMJSctw2byLzWfuE9mjPiwIcgMYn5S9tWM0a3dw9aHQL-RNHJMHId2saQbwLb9vYX1Ceu1QTjexz76e-ZLE9RUWPYy3DmLSyO5O2AhnrZmldFxdxPvZwxLkaxlEQwYwaFJmr2eSF6E8351llR63uqJsetcq-N03cKLyxmVPuY2q8glO21W_0vjzma4bmSm_Z7GeAGtC1e182rcAEvf_H8c0DkgUECAQYAZIFBAgFGASgBgKAB-WJwTioB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQwIQD0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTg0MzkwMjQ4NzczMzEwNDk&sigh=iBxxgdiHtDM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1576612686&adf=3695330392&pi=t.aa~a.2652133880~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250&nras=2&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=LvsBBbKpzG&p=https%3A//all-news.co&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Jul 2021 00:38:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7F72 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15b93c2a84f8b118a75afdc7ad60294de6f6cf4b3dd344fd13e6f516f59c0821

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 7F72 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 323152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:52:18 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 7F72 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 17:47:08 GMT
x-content-type-options: nosniff
age: 370262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 17:47:08 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B55C 143 B
163 B 8ms
5ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1576612686&adf=3695330392&pi=t.aa~a.2652133880~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250&nras=2&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=LvsBBbKpzG&p=https%3A//all-news.co&dtd=15
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUlUYX4gS9WanmqSMExbE7tOAUdrfXrw_KZkIPkzTGOYo2zzs7gqEDcIQOIdYsk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1576612686&adf=3695330392&pi=t.aa~a.2652133880~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250&nras=2&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=LvsBBbKpzG&p=https%3A//all-news.co&dtd=15

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 09 Jul 2021 23:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EC85 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Jul 2021 11:56:19 GMT
expires: Sat, 10 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 45711
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2807 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fad528ffedd0e69f495a1cc5a9aa67bad6f23b587ac92c2a0a0124832f8c5e71

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C04 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 11:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 133820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 11:27:50 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/ Frame 2A3F 2 KB
810 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/index.html

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ef5da18f8b87352f7274273f3a801336d73b18dd24bff1a4633fabe73bcb363

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/16215012808405873833/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 782
date: Tue, 06 Jul 2021 05:26:08 GMT
expires: Wed, 06 Jul 2022 05:26:08 GMT
last-modified: Mon, 15 Mar 2021 09:48:27 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 328322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A463 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcdR_8evoYIyKLbCwx_AP57me0AbNpv28Y52c8sinDavIk-qPJxABIMzT7IIBYJUCoAGunsy7AsgBCakCt872iB_usz6oAwHIA0iqBJUCT9CoUDxH1V-JsuZMszANB85EAU6guGz2AkiiO9OH1OBA06gVxo7CALMQDfb_0LIZLYyKUmW-jxLg4GLaHFNu0Jcu60FtTCCjl7gKyKTH7JDldbuItP1iItB-pNtsh2mSoQxEZe4j1sCG8eRxmJd-D0nq8iZGGprZlKTZuAjEJVOqZk9xIQ77tYNmVVyfRxEj6MkOtpWTVj3IfCabaWjzs9v3I0MD_J0Hb66xSN5jOXC22oCC_QFTQvqQn3oacClGlP7OnOFNOpyiBj8H1UqD-34MUZhTpTR-AWMmZmp9bsmo4GRz0EePLMrHUfKksi9my9hzJqWKaPcj-HdhS6UF6-mWJSsN_Wh1ZBvWF_xAelZJgYg6T8AElIyppLoDkgUECAQYAZIFBAgFGASgBi6AB6yG1YMCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOGQC9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5&sigh=WILN4Cwmlo8&template_id=419

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=3117778216&adf=3437838863&pi=t.ma~as.9785579158&w=324&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489497&bpp=15&bdt=481&idt=218&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=yK4gmMM5Rx&p=https%3A//all-news.co&dtd=222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Jul 2021 00:38:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/ Frame A463 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=3117778216&adf=3437838863&pi=t.ma~as.9785579158&w=324&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489497&bpp=15&bdt=481&idt=218&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=yK4gmMM5Rx&p=https%3A//all-news.co&dtd=222

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:24:15 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame A463 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:32:14 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A463 123 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:10 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sat, 10 Jul 2021 00:38:10 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame A463 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jul 2021 00:36:25 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A463 0
0 13ms
13ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvcHrITvbXfxHP5Tb1Uovhr3OC18423CFobdYsv1vxm7eJeUFnufe3EcGolYJmbFvegTMAxpeimSBZ9A3nB4WoqaNC3Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=3117778216&adf=3437838863&pi=t.ma~as.9785579158&w=324&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489497&bpp=15&bdt=481&idt=218&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=yK4gmMM5Rx&p=https%3A//all-news.co&dtd=222
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EC85
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELt5rqvPpOQziyKnq1rcXYs&google_cver=1&google_push=AYg5qPK_TbiRJIGdJD0nf0VwRqvybR_zMt30X38DwoG4nD7Us6mBPaJJup...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK_TbiRJIGdJD0nf0VwRqvybR_zMt30X38DwoG4nD7Us6mBPaJJupMAsCqnV6xofKe7POXUQ00HGnIpmZeEa2JFIYeSMA&google_hm=wezai6C8...

170 B
188 B

20ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK_TbiRJIGdJD0nf0VwRqvybR_zMt30X38DwoG4nD7Us6mBPaJJupMAsCqnV6xofKe7POXUQ00HGnIpmZeEa2JFIYeSMA&google_hm=wezai6C8F_EVIulobsnSsg

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK_TbiRJIGdJD0nf0VwRqvybR_zMt30X38DwoG4nD7Us6mBPaJJupMAsCqnV6xofKe7POXUQ00HGnIpmZeEa2JFIYeSMA&google_hm=wezai6C8F_EVIulobsnSsg
pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EC85
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEKyj_ph6gm5sjIoJ3y_HMFk&google_cver=1&google_push=AYg5qPJJjjjRG_9IuSZ3qrjSdwbl92TkOZIXbQ8f2SrHsHjAADloJ_zhjR7mYd5cGIRCX5B1lzxUdV74UbvyiJrbPsBVe5EO8w
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJJjjjRG_9IuSZ3qrjSdwbl92TkOZIXbQ8f2SrHsHjAADloJ_zhjR7mYd5cGIRCX5B1lzxUdV74UbvyiJrbPsBVe5EO8w&google_hm=Q0FFU0VLeWpfcGg2Z201c2p...

170 B
188 B

17ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJJjjjRG_9IuSZ3qrjSdwbl92TkOZIXbQ8f2SrHsHjAADloJ_zhjR7mYd5cGIRCX5B1lzxUdV74UbvyiJrbPsBVe5EO8w&google_hm=Q0FFU0VLeWpfcGg2Z201c2pJb0ozeV9ITUZr

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 00:38:09 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJJjjjRG_9IuSZ3qrjSdwbl92TkOZIXbQ8f2SrHsHjAADloJ_zhjR7mYd5cGIRCX5B1lzxUdV74UbvyiJrbPsBVe5EO8w&google_hm=Q0FFU0VLeWpfcGg2Z201c2pJb0ozeV9ITUZr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EC85
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIeYFqVVSMSbPpL13FSWUIU_kBQ6yKFNOPuLIeK6LCzihBdlBK2Vz6HWzRs0ifkL8on_Qba2BNU_OPI0RzMR-pehzxgoZo&google_gid=CAESEMgwoYV4ywh2mzSroxcALCY&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPLXo4cGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBJZVlGcVZWU01TYlBwTDEzRlNXVUlVX2tCUTZ5S0ZOT1B1TEllSzZMQ3ppaEJkbEJLMlZ6NkhXelJzMGlma0w4b25fUWJhMkJOVV9PUEkwUn...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbTRjNmNxQ1R0aE14RFJfMmhEcUh2dVYzRzlIdzczRkNCZ204N3JJMG51Yw==&google_push

170 B
188 B

16ms
16ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbTRjNmNxQ1R0aE14RFJfMmhEcUh2dVYzRzlIdzczRkNCZ204N3JJMG51Yw==&google_push

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 10 Jul 2021 00:38:10 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbTRjNmNxQ1R0aE14RFJfMmhEcUh2dVYzRzlIdzczRkNCZ204N3JJMG51Yw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame EC85 43 B
106 B 16ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJBScSD7k73ZQXiMOVsbMsE&google_push=AYg5qPKcZKqVo5l-7P5_nFuOK12zFXelJlBripa90RG6EGkD8Js-0aUUmXQPaCzu-WuEpNznt6aaaJrLCeURLzvKr4tnHH9yonU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1576612686&adf=3695330392&pi=t.aa~a.2652133880~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250&nras=2&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=LvsBBbKpzG&p=https%3A//all-news.co&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EC85
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jHO5gSdbSR6jWhLh0MOBPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

16ms
16ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jHO5gSdbSR6jWhLh0MOBPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLQKXK68loIZtk0jzSVQ-55MD64eVuPM4l7JqWmmnrSrgdeMmMkZ_seZd-VxHF2H6OwIrN7ufi3NSdimZl9E9nsS-Qsl1w

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jHO5gSdbSR6jWhLh0MOBPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLQKXK68loIZtk0jzSVQ-55MD64eVuPM4l7JqWmmnrSrgdeMmMkZ_seZd-VxHF2H6OwIrN7ufi3NSdimZl9E9nsS-Qsl1w
date: Sat, 10 Jul 2021 00:38:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 trk
ag.innovid.com/ Frame EC85 43 B
296 B 69ms
22ms Image
image/gif 2a05:d01c:1d8:8100:9065:1944:fd14:ef66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJ9HRcMuSsb2zgvFfchEdbI&google_cver=1&google_push=AYg5qPICLQxLEoBOjtlJTv9jCWI49tKChbr2kyQoWjMnbEPuizSJRe4sLPCY8QnRtNpeR6OvWmEuoII_EifoEppG7p4LfT8XLmo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1576612686&adf=3695330392&pi=t.aa~a.2652133880~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489750&bpp=1&bdt=734&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1908e07d6dd876e9-22b0496e79c800ea%3AT%3D1625877489%3ART%3D1625877489%3AS%3DALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x250&nras=2&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=LvsBBbKpzG&p=https%3A//all-news.co&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:9065:1944:fd14:ef66 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EC85
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEEv0NlYLBHvGumy0Y9J_Z00&google_cver=1&google_push=AYg5qPJIcVLXF5lu4rLYJrjj...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJIcVLXF5lu4rLYJrjjyS4y7KBVSc1UykpwfN2ePIAYE-MT0A9tckttzOXGTNISu2r7GDTyZo2Pbl4eWaPmsw0F29zzOFQs&google_hm=

170 B
188 B

19ms
19ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJIcVLXF5lu4rLYJrjjyS4y7KBVSc1UykpwfN2ePIAYE-MT0A9tckttzOXGTNISu2r7GDTyZo2Pbl4eWaPmsw0F29zzOFQs&google_hm=

Requested by

Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJIcVLXF5lu4rLYJrjjyS4y7KBVSc1UykpwfN2ePIAYE-MT0A9tckttzOXGTNISu2r7GDTyZo2Pbl4eWaPmsw0F29zzOFQs&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 09 Jul 2021 00:38:10 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame EC85 0
12 B 16ms
15ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kl72PprpBCPmqX0ORR4CTTD8mFKsRVBLs_0eokWpWWMxQsxcEt0A-_jQchOZJsYV-GpLpGSA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3-29 200 rs Show response
ad4m.at/ Frame 137F 1 KB
2 KB 42ms
42ms XHR
text/plain 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7e85b4af227120a6e47636b8ee4b5499ad262654ef4e32ad0e5f393ff110cd9

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gqmhtq39hfx98q7pff51e99vr2xa0q5s3ce8pnv4bp2h0jk08f518nerfg29xv9142v19b5jpvt89a5w90vderb38nkfgtjj11sxg50rv5404157826w3qcrm5ck8zz1whj8nm1cxq04qzqaaaypfebk0wvvfhvybfzspg311xxb4mgt828shap1jq6nqs790cvznjdtegj7yn1a8w52cjg2t197p6kc7xbxzb535xydxgj5z967jpvx4yvc4z17p7ka5rzjfb8rmp9mbzjzp741094xmraqcaep8xh6hwxn4b59esv9ve8t1fys2nf157mxh36xmfpy25gpgjmx0z48ywy70dbsfqq3k2hg9p8echyqmfh617rmpkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 66c5ba4bca222bf2-FRA
date: Sat, 10 Jul 2021 00:38:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=r6MpGqZTrs2A68XcC6eVh2EmAcT%2BJ%2FMDoosVNSqZRxMrWdvZZTkfS2C6rrRT4R0ndaPqimdtXFulLzYt6kh1XjmHnORTir%2Bz2TbgEN2EUGdUOLSnFTFz8t0cOnye%2FvtC"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-rvz5

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B920 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=3117778216&adf=3437838863&pi=t.ma~as.9785579158&w=324&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489497&bpp=15&bdt=481&idt=218&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=yK4gmMM5Rx&p=https%3A//all-news.co&dtd=222
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUlUYX4gS9WanmqSMExbE7tOAUdrfXrw_KZkIPkzTGOYo2zzs7gqEDcIQOIdYsk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=3117778216&adf=3437838863&pi=t.ma~as.9785579158&w=324&fwrn=4&fwrnh=100&lmt=1625877489&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2Fcity-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625877489497&bpp=15&bdt=481&idt=218&shv=r20210701&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=172693140925&frm=20&pv=1&ga_vid=194994674.1625877489&ga_sid=1625877490&ga_hid=670992071&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3680231040049981&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=yK4gmMM5Rx&p=https%3A//all-news.co&dtd=222

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 09 Jul 2021 23:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B55C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUlUYX4gS9WanmqSMExbE7tOAUdrfXrw_KZkIPkzTGOYo2zzs7gqEDcIQOIdYsk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Jul 2021 00:38:10 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 10-Jul-2021 01:38:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 00:38:10 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Jul 2021 00:38:10 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame FBB6 35 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 11:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 133820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 11:27:50 GMT

GET
DATA 200
OK truncated
/ Frame A463 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0aebf53548d8e635830779fec7a7ba4ac0c91e5657ca2008d425a879dc99266b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2A3F 9 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 23:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 10 Jul 2021 23:05:48 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2A3F 26 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 18:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 10 Jul 2021 18:31:13 GMT

GET
H3-29 200 style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/css/ Frame 2A3F 6 KB
2 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/css/style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53508370870f07a8e0622c65b014e420acf79651a6a58343427f1032c76d91dd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 355785
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1632
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:48:27 GMT
server: sffe
date: Mon, 05 Jul 2021 21:48:25 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 21:48:25 GMT

GET
H3-29 200 script.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/js/ Frame 2A3F 3 KB
625 B 8ms
7ms Script
application/x-javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/js/script.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecdc50d52c709dcee691a38026d3fd60a962e65db82c697ebdc2d0e23bff66fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 353873
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 594
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:48:27 GMT
server: sffe
date: Mon, 05 Jul 2021 22:20:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 22:20:17 GMT

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame A463 0
20 B 52ms
39ms Other
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzG5dGh1_ECFTDYEQgd55wHag&gqi=8evoYNzBLIe4x_APjI-rwAw&layout=/sadbundle/%24csp%253Der3%24/16215012808405873833/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame B5BD 11 KB
4 KB 30ms
21ms Document
text/html 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=n2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xr&g=c540e7eb97b1b8a686f532741993223a%2F18013672204246427255&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20awtk1bbb8wt0w05pxfaja3b1n6512aq46zmngf1997erxts0scs9rvk5gdeecmq70nbma4d9hb7v4djghw2484yw97hegj7ngw9705vn08mee0srs81r45s2r9541vytc5nxzbn4d84mmnqkgpbc3yr65nfqsnc971fdte0e6bfchf30ns9cja1mzzm86vng0mnagy8ay849hvs3t8mhmtqqb5qgfm4tkf6twfgydcw4p0ytn2hw3abtjk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1a508e46b91f219c24122931b20534de149dd8b0fef6286173410ee2641c1b4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=n2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xr&g=c540e7eb97b1b8a686f532741993223a%2F18013672204246427255&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20awtk1bbb8wt0w05pxfaja3b1n6512aq46zmngf1997erxts0scs9rvk5gdeecmq70nbma4d9hb7v4djghw2484yw97hegj7ngw9705vn08mee0srs81r45s2r9541vytc5nxzbn4d84mmnqkgpbc3yr65nfqsnc971fdte0e6bfchf30ns9cja1mzzm86vng0mnagy8ay849hvs3t8mhmtqqb5qgfm4tkf6twfgydcw4p0ytn2hw3abtjk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:10 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66c5ba4c2be02c19-FRA
content-encoding: br

GET
H3-29 200 bg_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/img/ Frame 2A3F 40 KB
40 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/img/bg_1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a23e11eb8676f49330e9b6076c7020b1203a6439975333019d27be5f1d775c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 328800
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40814
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:48:27 GMT
server: sffe
date: Tue, 06 Jul 2021 05:18:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:18:10 GMT

GET
H3-29 200 bg_2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/img/ Frame 2A3F 27 KB
27 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/img/bg_2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca1a8b33b9235387ccc62f6feef01676f8788c02fa1b235efdf0a36b600b9b1e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 331825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27549
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:48:27 GMT
server: sffe
date: Tue, 06 Jul 2021 04:27:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:27:45 GMT

GET
H3-29 200 banner.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/img/ Frame 2A3F 18 KB
18 KB 8ms
8ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/img/banner.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3471bb0a9d265d444a4d6dcb3be99a684cc8348f97f4ad425de8c9922e41183

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 357797
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18669
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:48:27 GMT
server: sffe
date: Mon, 05 Jul 2021 21:14:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 21:14:53 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B920
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUlUYX4gS9WanmqSMExbE7tOAUdrfXrw_KZkIPkzTGOYo2zzs7gqEDcIQOIdYsk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Jul 2021 00:38:10 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 10-Jul-2021 01:38:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Jul 2021 00:38:10 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Jul 2021 00:38:10 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame B5BD 64 KB
7 KB 18ms
16ms Stylesheet
text/css 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=n2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xr&g=c540e7eb97b1b8a686f532741993223a%2F18013672204246427255&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20awtk1bbb8wt0w05pxfaja3b1n6512aq46zmngf1997erxts0scs9rvk5gdeecmq70nbma4d9hb7v4djghw2484yw97hegj7ngw9705vn08mee0srs81r45s2r9541vytc5nxzbn4d84mmnqkgpbc3yr65nfqsnc971fdte0e6bfchf30ns9cja1mzzm86vng0mnagy8ay849hvs3t8mhmtqqb5qgfm4tkf6twfgydcw4p0ytn2hw3abtjk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=n2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xr&g=c540e7eb97b1b8a686f532741993223a%2F18013672204246427255&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20awtk1bbb8wt0w05pxfaja3b1n6512aq46zmngf1997erxts0scs9rvk5gdeecmq70nbma4d9hb7v4djghw2484yw97hegj7ngw9705vn08mee0srs81r45s2r9541vytc5nxzbn4d84mmnqkgpbc3yr65nfqsnc971fdte0e6bfchf30ns9cja1mzzm86vng0mnagy8ay849hvs3t8mhmtqqb5qgfm4tkf6twfgydcw4p0ytn2hw3abtjk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1006429
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 66c5ba4c8ac92bf2-FRA
expires: Sat, 10 Jul 2021 01:38:10 GMT

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame B5BD 18 KB
19 KB 34ms
22ms Image
image/webp 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=n2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xr&g=c540e7eb97b1b8a686f532741993223a%2F18013672204246427255&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20awtk1bbb8wt0w05pxfaja3b1n6512aq46zmngf1997erxts0scs9rvk5gdeecmq70nbma4d9hb7v4djghw2484yw97hegj7ngw9705vn08mee0srs81r45s2r9541vytc5nxzbn4d84mmnqkgpbc3yr65nfqsnc971fdte0e6bfchf30ns9cja1mzzm86vng0mnagy8ay849hvs3t8mhmtqqb5qgfm4tkf6twfgydcw4p0ytn2hw3abtjk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 10 Jul 2021 00:38:10 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 634016
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UwOGp5bgSvwEzU_da1b77w9WducnNtAstYqvxSKIr83PnCr9Z1OUEVynQSlskeHgfZHvWTiqDm_G4ijz27hD2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KvDSBAA7if%2FcGa5m2pPoLMuWcHl7gkuzhhhqmZ48lqaklHy4yG8dSq7Jf%2FKG75dw%2FMHTmakY4mtWQkkx4wWlVIDql0%2BhXv2dVABKwR51BWamteBUOOejSQCi3KzZPIdqkzPKMDThlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 11 Jul 2021 00:38:10 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 66c5ba4c9c622c19-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
assets.ad4m.at/product_image/ Frame B5BD 300 KB
301 KB 33ms
22ms Image
image/webp 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=n2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xr&g=c540e7eb97b1b8a686f532741993223a%2F18013672204246427255&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20awtk1bbb8wt0w05pxfaja3b1n6512aq46zmngf1997erxts0scs9rvk5gdeecmq70nbma4d9hb7v4djghw2484yw97hegj7ngw9705vn08mee0srs81r45s2r9541vytc5nxzbn4d84mmnqkgpbc3yr65nfqsnc971fdte0e6bfchf30ns9cja1mzzm86vng0mnagy8ay849hvs3t8mhmtqqb5qgfm4tkf6twfgydcw4p0ytn2hw3abtjk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EZXtXA==, md5=mgoAJVijZFI0Dr9oP+Il1A==
date: Sat, 10 Jul 2021 00:38:10 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 282691
cf-polished: origFmt=png, origSize=594083
x-guploader-uploadid: ADPycdvWJ381jsUt3c2bnyOhsBN8eT56nGWU8guSKptbqewJ7lWXtv7hCFpR_BhaOadTH3GNJmU2b2YxIsOfzxtQN1GTJaUo4g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 307160
last-modified: Tue, 22 Jun 2021 13:51:23 GMT
server: cloudflare
etag: "9a0a002558a36452340ebf683fe225d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Lgr2OcAAbzRLN7YTDfGVzhZXneFobOjjF9EsUM%2FEP2HOUNQFcdQdZms6UzTb1jICa3DaLE4T9vm6fn8CPvOdNNpYaBFt%2Bsa32w%2BTlGrRgFnZa61TFqVw5tPkMEuxJcFaeQo%2FFMZt2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624369883413081
content-type: image/webp
expires: Sun, 11 Jul 2021 00:38:10 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 594083
accept-ranges: bytes
cf-ray: 66c5ba4c9c5e2c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame B5BD 43 B
704 B 89ms
44ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519575&v=14098&q=379092&r=412871&pv=1&pref3=oneidVx7fwfmfEdghVHbHAtRt8bGU5tzTzQkoneid__asuidn2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xrasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 00:38:10 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame B5BD 38 KB
39 KB 34ms
23ms Image
image/webp 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=n2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xr&g=c540e7eb97b1b8a686f532741993223a%2F18013672204246427255&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20awtk1bbb8wt0w05pxfaja3b1n6512aq46zmngf1997erxts0scs9rvk5gdeecmq70nbma4d9hb7v4djghw2484yw97hegj7ngw9705vn08mee0srs81r45s2r9541vytc5nxzbn4d84mmnqkgpbc3yr65nfqsnc971fdte0e6bfchf30ns9cja1mzzm86vng0mnagy8ay849hvs3t8mhmtqqb5qgfm4tkf6twfgydcw4p0ytn2hw3abtjk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sat, 10 Jul 2021 00:38:10 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 281164
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycduzEsKmHJ9XnazLcgyIST6JAnrdiSfNTGNTLcRjC2_OeQmEIoOlDWqmbWhdU_P8K9SQp2VPTK-eDFCqk-eckddlwWfK9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LkFpxHkcWwU6Ic3arVGcX5TIipPKy7VaUy7EPqs0u4zkUVJV46RGHRnP%2F5VjwOKa4OgBM5hru1qEIlFYNcdLqjwRbKxRjREuVslaCt%2F6liYFgHISF3P%2B3mEpsrkb90tXccGrJTH3gg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sun, 11 Jul 2021 00:38:10 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 66c5ba4c9c612c19-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame B5BD 113 KB
113 KB 28ms
17ms Image
image/webp 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=n2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xr&g=c540e7eb97b1b8a686f532741993223a%2F18013672204246427255&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20awtk1bbb8wt0w05pxfaja3b1n6512aq46zmngf1997erxts0scs9rvk5gdeecmq70nbma4d9hb7v4djghw2484yw97hegj7ngw9705vn08mee0srs81r45s2r9541vytc5nxzbn4d84mmnqkgpbc3yr65nfqsnc971fdte0e6bfchf30ns9cja1mzzm86vng0mnagy8ay849hvs3t8mhmtqqb5qgfm4tkf6twfgydcw4p0ytn2hw3abtjk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sat, 10 Jul 2021 00:38:10 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 277179
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycds0a9SwZTCzEc33e8SYPnGf46wKHYPGSLocvC9Hkd-remaq7J29nilNwcjqfltvEfedVX9AwqjCcYNYKIL59W_o7khgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mxtyyPVB%2Fsx9L7MLBK8taI7MiVJtKTf%2BqL88bsGEDnR%2BJSkAwOlkbPobSAhr6R0RbdPW6TR1dvQ20Wz86hqeYnQo1mdisHjPJmHUQRkmZ6S93WsGK3uql%2BSiQPv9pDr%2FGyjz%2FCpHag%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sun, 11 Jul 2021 00:38:10 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 66c5ba4c9c602c19-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame B5BD 43 B
702 B 103ms
51ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuidn2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xrasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 00:38:10 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame B5BD 38 KB
39 KB 26ms
15ms Image
image/webp 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=n2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xr&g=c540e7eb97b1b8a686f532741993223a%2F18013672204246427255&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20awtk1bbb8wt0w05pxfaja3b1n6512aq46zmngf1997erxts0scs9rvk5gdeecmq70nbma4d9hb7v4djghw2484yw97hegj7ngw9705vn08mee0srs81r45s2r9541vytc5nxzbn4d84mmnqkgpbc3yr65nfqsnc971fdte0e6bfchf30ns9cja1mzzm86vng0mnagy8ay849hvs3t8mhmtqqb5qgfm4tkf6twfgydcw4p0ytn2hw3abtjk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sat, 10 Jul 2021 00:38:10 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 284511
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdu0NdDV6uwVZ6V13FVfdyR8XwOYKSgjjNc0acRxVoEA3EnSDftyN5e9NVmePTjPRBpccOWs0YG6A3qSHVVM05SbZtkZjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EeKV8GJF7PD7mJPBhw2NZZlX5LFKEa8S8o4LxZqIOUb52hgzF8DkFR8Y9CvjfYnv6kaZpR1%2F0SSD8DDegjH8UwAqCY%2FdbVAQTxGczeI5wRZSFnYzBPTD0MWVyPbyYRFYPcat4vd6%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sun, 11 Jul 2021 00:38:10 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 66c5ba4c9c5d2c19-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame B5BD 84 KB
84 KB 33ms
22ms Image
image/jpeg 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=n2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xr&g=c540e7eb97b1b8a686f532741993223a%2F18013672204246427255&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20awtk1bbb8wt0w05pxfaja3b1n6512aq46zmngf1997erxts0scs9rvk5gdeecmq70nbma4d9hb7v4djghw2484yw97hegj7ngw9705vn08mee0srs81r45s2r9541vytc5nxzbn4d84mmnqkgpbc3yr65nfqsnc971fdte0e6bfchf30ns9cja1mzzm86vng0mnagy8ay849hvs3t8mhmtqqb5qgfm4tkf6twfgydcw4p0ytn2hw3abtjk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sat, 10 Jul 2021 00:38:10 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1395642
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4SRCtz0IM5%2BIHCMLcIc4TTOOhQ6qRHSMlt6AJtaWnB3QxCek5BIQzBUiyMAx2FOMKCtTbsgkW80k5SSgRkQmI1R6xLJkRiKXLK5EbVygntadS5tnIw6eXisw1Yw26uk1yCfU9Yn80A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sun, 11 Jul 2021 00:38:10 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 66c5ba4c9c5f2c19-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A3F 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 11:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 133820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 11:27:50 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame B5BD 12 KB
13 KB 183ms
105ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidn2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xrasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidn2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xrasuid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=n2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xr&g=c540e7eb97b1b8a686f532741993223a%2F18013672204246427255&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20awtk1bbb8wt0w05pxfaja3b1n6512aq46zmngf1997erxts0scs9rvk5gdeecmq70nbma4d9hb7v4djghw2484yw97hegj7ngw9705vn08mee0srs81r45s2r9541vytc5nxzbn4d84mmnqkgpbc3yr65nfqsnc971fdte0e6bfchf30ns9cja1mzzm86vng0mnagy8ay849hvs3t8mhmtqqb5qgfm4tkf6twfgydcw4p0ytn2hw3abtjk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
Software: Apache /
Resource Hash: ef6a8ee35841ac2b43192c3ea24bbb8811060ce48f11d07f0f34f47ec2048a37

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 00:38:10 GMT
Last-Modified: Sat, 10 Jul 2021 00:38:10 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame B5BD 59 KB
60 KB 60ms
15ms Script
application/javascript 13.225.74.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidn2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xrasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidn2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xrasuid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9gxRQLkEbSwlqYx89yHTPWBPBM9yYdWx
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jun 2021 16:00:47 GMT
server: AmazonS3
age: 67819
etag: "edfa65aada7c65cbe3a78f39f8444ab3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 09 Jul 2021 05:47:52 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 60765
x-amz-cf-id: 3nTMtpOUM614177hFNs63OeYKmUQ09Wl1EJq1r8NldHziEFfw-UNOQ==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame B5BD 79 B
374 B 96ms
33ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSOOFxcTmFrAR0odm_dhrxbuJjkWxv5iJ3A0KAGYjqjV.lV9dXJsg8mcK4rTdybezA2wHCSFQ_01kKJA237lY5BSmVjMk.APi&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221625877490%22%2C%22%22%2C%22%22%2C%22%22%2C%221781397490%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidn2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xrasuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=5bfb3cceb8d00bdc67fad64ae5312294&userIP=89.249.64.203&doAffectv=1&wgtime=1625877490
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidn2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xrasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidn2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xrasuid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 00:38:11 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame B5BD 85 KB
85 KB 62ms
24ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidP3zUBfbfRbzh7CjHbtMtPzEHbtgtPproneid__asuidu1FBG8a2tP0wiD5x-A1PfVyjORzmv_a7asuid__webplexmedia_advancedad_728x90&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=n2HNLa1u5I3VvvImMhmAYTxvrjGcH2Xr&g=c540e7eb97b1b8a686f532741993223a%2F18013672204246427255&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20awtk1bbb8wt0w05pxfaja3b1n6512aq46zmngf1997erxts0scs9rvk5gdeecmq70nbma4d9hb7v4djghw2484yw97hegj7ngw9705vn08mee0srs81r45s2r9541vytc5nxzbn4d84mmnqkgpbc3yr65nfqsnc971fdte0e6bfchf30ns9cja1mzzm86vng0mnagy8ay849hvs3t8mhmtqqb5qgfm4tkf6twfgydcw4p0ytn2hw3abtjk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCJuC8evoYKaaMJXygAeku774B5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpArfO9ogf7rM-qAMBqgSUAk_QpOkjLQ3mTC_nvxatX3azT-_5zkVXNbfMWRJiN1x6nH4dnBshvcsojVUrx8G4cEg52UW_n-0JDApIY2eFo_stAwAbFFISZQ3fa5p5Y2bYBoRCt6JNbyH83L6A6HGxM4Z2ebEMJ1Rd3RGzfv5DE6UVusSL4ExBhjina8gdLkRo58jOhCKAfDCRiFSUIrmcGhzlEabguXKAJX9k9kZVngaQLNWCRt892rcoQ4RAMj9LbkeSRT6Bsqc53eMbh4eicn_nNILRrBZ-91eWX8LxnMPQQ8LmmlcrpuBMcWkJORzUyMkCZMxKrDAojWIf7qhEIdOBzavgKwt4O0rlD4D5XmtGB-RmPWDmy1ovYn6uoafVEDQbFIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2TPVzJof20lydAjkN1_QvYVw7grA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Jul 2021 00:38:10 GMT
Last-Modified: Sat, 10 Jul 2021 00:38:10 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame B5BD 63 B
270 B 107ms
34ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YSOOFxXfFrAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiey.25.ea8IXkb9WJMSubuTfwdUXGfe2Rc7L1eWNNW5BNlYiJ4uy.3zJ
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Jul 2021 00:38:11 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H3-29 200 3969-the-extra-point-following-julio-jones-trade-who-becomes-the-leader-of-the-falcons-324x400.jpg
all-news.co/wp-content/uploads/2021/07/ 22 KB
22 KB 13ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3969-the-extra-point-following-julio-jones-trade-who-becomes-the-leader-of-the-falcons-324x400.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e2841124754099f5277b5fce6b7d1d80c413a914b1119812f899354f867b9eb

Request headers

:path: /wp-content/uploads/2021/07/3969-the-extra-point-following-julio-jones-trade-who-becomes-the-leader-of-the-falcons-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6099
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22153
last-modified: Fri, 09 Jul 2021 20:24:38 GMT
server: cloudflare
etag: "5689-5c6b68f898efe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=m79zs5owLdilfVP26upzWx211fcZcIEul%2B4d%2BeL%2BjHogO1p1tDRdzkUPGkj0%2FpAmJcr5UNkiU5Ud8lfqCF8R%2Fpya8c9PuNZ1Tcyqkyu%2Fws6ZepxxjhCPjkHs2gOmF4ylMWWmx7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba4f8bfcc277-FRA

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210701&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ae68c2cb028f3da7c758b509f9cfd5d8b5d2fd59c7ebb0692bac8b4db8788c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Jul 2021 00:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8534
x-xss-protection: 0

POST
H2 200 v2gdcjzARLt9cojOoaUWNZ4CQlInJB8bvfNd2RZ9Y26I7P7bprjrvHlYV99nB7D0QzZHmQbf749zSecsuJLIXtiqT6lYKNfxMSyV9XjKgjfwDwhfyGp395TLjIQc2do3zNAD0cRVTrSg7 Show response
steadfastsystem.com/ 216 B
610 B 42ms
16ms Fetch
application/json 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2gdcjzARLt9cojOoaUWNZ4CQlInJB8bvfNd2RZ9Y26I7P7bprjrvHlYV99nB7D0QzZHmQbf749zSecsuJLIXtiqT6lYKNfxMSyV9XjKgjfwDwhfyGp395TLjIQc2do3zNAD0cRVTrSg7

Requested by

Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

f663e1b93176a1ed2aa04489a7cc426d9601e9f4a559d798f7ac3c0283e0157d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Sat, 10 Jul 2021 00:38:11 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 0586a9fb
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Sat, 10 Jul 2021 00:38:10 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3819 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlEgZrNVY0yVW_42SGkjI74uWRzqoxicsqW-8XMKm0XqdFKGznpJGhs3yzSYOBh3AXcIabW1spwh0dSiti0zFxePQEtbmi8pOh6u7FPSwcIv9K-T_1P4EjFpFx8A&sai=AMfl-YR3PFGtHx7eR97eYpdvmgxN6hISDF_lgFSobyggwZxBJ-7c8NPpvuUkS1w679heDV9biHg63LqI3KcB&sig=Cg0ArKJSzCZDqhgMSxtNEAE&id=lidar2&mcvt=1047&p=1039,266,1213,941&mtos=0,1047,1047,1047,1047&tos=0,1047,0,0,0&v=20210709&bin=7&avms=nio&bs=0,0&mc=0.92&if=1&app=0&itpl=4&adk=1134260940&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625877489684&dlt=253&rpt=27&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 3967-maybe-yes-napoli-boss-hints-at-interest-in-chelsea-defender-324x400.jpg
all-news.co/wp-content/uploads/2021/07/ 32 KB
32 KB 28ms
27ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3967-maybe-yes-napoli-boss-hints-at-interest-in-chelsea-defender-324x400.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 033d4d9f60025f01d25e2f152350f87253a8de049ad3be44072f4b2f2ab023c0

Request headers

:path: /wp-content/uploads/2021/07/3967-maybe-yes-napoli-boss-hints-at-interest-in-chelsea-defender-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6099
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 32466
last-modified: Fri, 09 Jul 2021 05:24:36 GMT
server: cloudflare
etag: "7ed2-5c6a9fcd168c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=W8eeFNuK1Ac5nFEAmTwN7AKfala28QIiLccQT8XsWjy%2F9zaygtF1Y89PxR3%2FyAdVbo5ePGnpzL5K8YF80ONZVRqZ6TE1yh8vCT5bgNISfAuG39dnFvnj31W83DzMLzx8wp3RbNo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba4fac19c277-FRA

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 10 Jul 2021 00:38:11 GMT

GET
H3-29 200 3959-romeo-lavia-who-is-pep-guardiola-promoting-to-the-man-city-first-team-324x315.jpg
all-news.co/wp-content/uploads/2021/07/ 12 KB
13 KB 15ms
15ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3959-romeo-lavia-who-is-pep-guardiola-promoting-to-the-man-city-first-team-324x315.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40959e58d777443a45ff5637ab2c5488a5e79cf6abcff50ffb1c77a11a322050

Request headers

:path: /wp-content/uploads/2021/07/3959-romeo-lavia-who-is-pep-guardiola-promoting-to-the-man-city-first-team-324x315.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6099
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12288
last-modified: Thu, 08 Jul 2021 20:24:38 GMT
server: cloudflare
etag: "3000-5c6a271b34867"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oItabPM%2BbguzlKPIFOm1TpzUuMrD2EjQVBkWgk0%2FgwbDlQYxM21j9F%2FWom71LK7O5rmOaUFRetQNw9K5jmqa3qPPiikTwEHuEqHjNYVWBOBsXEjFFHcGM5ziGSl6%2FX15%2FUZp5cw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba4fcc32c277-FRA

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BC7C 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 09 Jul 2021 23:28:41 GMT
expires: Sat, 09 Jul 2022 23:28:41 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E73F 783 B
532 B 18ms
18ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0cbcdf08e43731644d9cae7767ec2f29095d8d8646c42afbe8e50719be5b2f4a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TAzysevYtR2VLcf6aWU8LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

expires: Sat, 10 Jul 2021 00:38:11 GMT
date: Sat, 10 Jul 2021 00:38:11 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-TAzysevYtR2VLcf6aWU8LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 3954-england-2-1-denmark-rating-the-players-324x400.jpg
all-news.co/wp-content/uploads/2021/07/ 21 KB
21 KB 31ms
30ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3954-england-2-1-denmark-rating-the-players-324x400.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 849ab35f169ee98e89f9d13b741cbdd994043a902f033df3cffa0b65088402bb

Request headers

:path: /wp-content/uploads/2021/07/3954-england-2-1-denmark-rating-the-players-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6099
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21195
last-modified: Thu, 08 Jul 2021 01:24:37 GMT
server: cloudflare
etag: "52cb-5c69284af7767"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TVRyBlQn866X%2FR4AwWAJKpPAwCMQ9n1AyzRLgV6cigRRe6468p3%2BqQiEcRpeOH5v%2Fx%2FunXcQhd0kiiUwalqV08NB1c3SqHG7MNKsQN9GJ5BndnwpV%2FnQuWlFFWe2Dd5nfoRKsCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba4fdc43c277-FRA

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame BC7C 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 11:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 133821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 11:27:50 GMT

GET
H3-29 200 3969-the-extra-point-following-julio-jones-trade-who-becomes-the-leader-of-the-falcons-324x400.jpg
all-news.co/wp-content/uploads/2021/07/ 22 KB
22 KB 13ms
13ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3969-the-extra-point-following-julio-jones-trade-who-becomes-the-leader-of-the-falcons-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e2841124754099f5277b5fce6b7d1d80c413a914b1119812f899354f867b9eb

Request headers

:path: /wp-content/uploads/2021/07/3969-the-extra-point-following-julio-jones-trade-who-becomes-the-leader-of-the-falcons-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA; _awl=2.1625877491.0.4-301591c6-9a007756bda2750806ddbae4fe8aa93f-6763652d6575726f70652d7765737431-60e8ebf3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6099
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22153
last-modified: Fri, 09 Jul 2021 20:24:38 GMT
server: cloudflare
etag: "5689-5c6b68f898efe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OCXiH38cvxvHts%2BwjOTMDbk7GNkZiE0YXpCR4et62q5kIjJ0ATquuQBCjGDO7yfvtTmaXymO7Ho13m1PqDjHTsDDo9U4rC2tqJtZtUrzmj%2FlrIIhbbWADy2lsNa5mRcri92ZvbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba502c74c277-FRA

GET
H3-29 200 3971-mix-and-match-covid-vaccines-the-case-is-growing-but-questions-remain-696x464.jpg
all-news.co/wp-content/uploads/2021/07/ 101 KB
102 KB 17ms
17ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3971-mix-and-match-covid-vaccines-the-case-is-growing-but-questions-remain-696x464.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d8570854a1dfb7616b00f6e9412b7390f069c78c1903af2c4ef7e516d8f3e9e

Request headers

:path: /wp-content/uploads/2021/07/3971-mix-and-match-covid-vaccines-the-case-is-growing-but-questions-remain-696x464.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA; _awl=2.1625877491.0.4-301591c6-9a007756bda2750806ddbae4fe8aa93f-6763652d6575726f70652d7765737431-60e8ebf3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 201
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 103449
last-modified: Sat, 10 Jul 2021 00:24:57 GMT
server: cloudflare
etag: "19419-5c6b9eafb32e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BUXco3VRaCEMTQf7ZeWKdZaejVwUXzmDLK4NxboxAFYpo0MlseOybpjdLzjaREJiQgwe3Bo%2FHZOkeSlYEXSY9OgjM%2BLMo%2Bo2kg%2BU9nH9kvnWXVA3CiV%2F%2BaNdSIda0DJT52DbWh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba503c7dc277-FRA

GET
H3-29 200 3967-maybe-yes-napoli-boss-hints-at-interest-in-chelsea-defender-324x400.jpg
all-news.co/wp-content/uploads/2021/07/ 32 KB
32 KB 15ms
14ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3967-maybe-yes-napoli-boss-hints-at-interest-in-chelsea-defender-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 033d4d9f60025f01d25e2f152350f87253a8de049ad3be44072f4b2f2ab023c0

Request headers

:path: /wp-content/uploads/2021/07/3967-maybe-yes-napoli-boss-hints-at-interest-in-chelsea-defender-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA; _awl=2.1625877491.0.4-301591c6-9a007756bda2750806ddbae4fe8aa93f-6763652d6575726f70652d7765737431-60e8ebf3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6099
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 32466
last-modified: Fri, 09 Jul 2021 05:24:36 GMT
server: cloudflare
etag: "7ed2-5c6a9fcd168c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0w%2FZtkSF8WmgBdJMAHllKP0tX4qFRdwcI1xJj9a04Fkkdy8L1KM74QLZlrDW9DIeMViXRwI7vQWmaASkJnXCYyza9EWMLFcMOdIg9whWcbjNU0Z1jeUOf3HsqPagm2Lja1TkiSU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba504c8dc277-FRA

GET
H3-29 200 3969-the-extra-point-following-julio-jones-trade-who-becomes-the-leader-of-the-falcons-696x392.jpg
all-news.co/wp-content/uploads/2021/07/ 41 KB
42 KB 12ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3969-the-extra-point-following-julio-jones-trade-who-becomes-the-leader-of-the-falcons-696x392.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87cb5e2b412a18da035eb5923814e2395fa753c4df966ef4531010347be897ff

Request headers

:path: /wp-content/uploads/2021/07/3969-the-extra-point-following-julio-jones-trade-who-becomes-the-leader-of-the-falcons-696x392.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA; _awl=2.1625877491.0.4-301591c6-9a007756bda2750806ddbae4fe8aa93f-6763652d6575726f70652d7765737431-60e8ebf3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6099
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 42446
last-modified: Fri, 09 Jul 2021 20:24:38 GMT
server: cloudflare
etag: "a5ce-5c6b68f8b2d0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FJDxPoVtmosL8KAzwsabbNtCQuLUjsgT2xVvJIqQrcrs1ESFWoPppwRRWmQyckSgGkEJMJ4b8aHxDCx%2BLCpbIeIFfuSKOCqv5aJxjr6kj%2FsPLVDhM6Lgjksho655mMYf8Mk%2BLGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba505c98c277-FRA

GET
H3-29 200 3959-romeo-lavia-who-is-pep-guardiola-promoting-to-the-man-city-first-team-324x315.jpg
all-news.co/wp-content/uploads/2021/07/ 12 KB
13 KB 16ms
15ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3959-romeo-lavia-who-is-pep-guardiola-promoting-to-the-man-city-first-team-324x315.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40959e58d777443a45ff5637ab2c5488a5e79cf6abcff50ffb1c77a11a322050

Request headers

:path: /wp-content/uploads/2021/07/3959-romeo-lavia-who-is-pep-guardiola-promoting-to-the-man-city-first-team-324x315.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA; _awl=2.1625877491.0.4-301591c6-9a007756bda2750806ddbae4fe8aa93f-6763652d6575726f70652d7765737431-60e8ebf3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6099
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12288
last-modified: Thu, 08 Jul 2021 20:24:38 GMT
server: cloudflare
etag: "3000-5c6a271b34867"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SuU1lo4YGePOSQZu80yOE%2FWsCsH2Ttf5WJuEBH7hwpcgFFgW%2FJDddQvCYcB4XojOl0frBGUmT9stDFSrEz9IEYbWbSdiJvKgRSTkMkKjnC9RssrJzfbqlvcIR%2BwGri5xlrLGWhE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba507caac277-FRA

GET
H3-29 200 3954-england-2-1-denmark-rating-the-players-324x400.jpg
all-news.co/wp-content/uploads/2021/07/ 21 KB
21 KB 16ms
16ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3954-england-2-1-denmark-rating-the-players-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 849ab35f169ee98e89f9d13b741cbdd994043a902f033df3cffa0b65088402bb

Request headers

:path: /wp-content/uploads/2021/07/3954-england-2-1-denmark-rating-the-players-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA; _awl=2.1625877491.0.4-301591c6-9a007756bda2750806ddbae4fe8aa93f-6763652d6575726f70652d7765737431-60e8ebf3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6099
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21195
last-modified: Thu, 08 Jul 2021 01:24:37 GMT
server: cloudflare
etag: "52cb-5c69284af7767"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=byKhFAl7LXfSFXhnlsGwhpIQILJ9W3TWgQYvaSIwjNCCePym6Xl749mczYj4f12xsKD83SLd4wEbZ3z7VTSKyBsKGcu1h3BY4GeJUcRR93FoRK81XY%2F%2BHoLtM1iGqUVPsTKjRbc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba508cb6c277-FRA

GET
H3-29 200 3967-maybe-yes-napoli-boss-hints-at-interest-in-chelsea-defender-696x365.jpg
all-news.co/wp-content/uploads/2021/07/ 59 KB
59 KB 16ms
16ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3967-maybe-yes-napoli-boss-hints-at-interest-in-chelsea-defender-696x365.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4cb0df39488d2d4e2860a9017b35c32a84e5c06bd11a694ca4ef1bdd645419f

Request headers

:path: /wp-content/uploads/2021/07/3967-maybe-yes-napoli-boss-hints-at-interest-in-chelsea-defender-696x365.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA; _awl=2.1625877491.0.4-301591c6-9a007756bda2750806ddbae4fe8aa93f-6763652d6575726f70652d7765737431-60e8ebf3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6098
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 59905
last-modified: Fri, 09 Jul 2021 05:24:37 GMT
server: cloudflare
etag: "ea01-5c6a9fcd31678"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AT5bbQM4xVbbKNdCIP2UOdoRobAiG2dw5GhZesP3gN8CbVrRGPd2ZJFV6AWl%2FQJ674VeY9n%2BC8q%2F6MNGZe9ewTtoUdJuTTx1U3pszr3uN3VNmcpZd9xcSx5DRpsk1vGoES2h9eQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba509cc0c277-FRA

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210701&jk=3680231040049981&bg=!zs2lzYnNAAbV4AdB1eA7ACkAdvg8WlWP7J2OVODfJ5IzXOEfyalEgcso-9e5GP45YlLWTRqzieYExAIAAABUUgAAAAloAQcKAPVSXKEEuKrBk_JP7eB-apFMyjmXbWktwWu9SZNFCtcVLm4ca-pWUldigPGrnKjRtpqECNikpdadogcJUAnuXLF1aCOR10W0mbKWKVQw8ooW19nW7VZEerXIMpHeV2DrUIZIXW0riFGvC5pfV1IujBem_fwJqJYRWMCkVJW_cjCOAUu1CJa6lT0p3JwbvkDp5QZz7Las8e4sQuvvk1YBD079imjQeVPo-F95ruv7GrFHqjwdNIjDWGMuR2CMH1tKJuYHiYv6TOUt8Jc2KVtk5X67YeQcTIVZH_eDcWwlShjnMs8eQ5YWRkD-00w5vYX-lOiOmYOdLJkCcjjKOtj0RGTC1nxLvlHD4dCwgOGrJzsNW_WcKNdHKedqXxFnOWOY6khaPDDw37wpU3J0sd_mdlKM44IriGg2LQeYflNxRC8ZbtaTOB4lS-aBGBA_HImXN3vH8GaTDpz-U0RqiYPTEBfebVa2VSkir6H1ZutERzSLCtvMC-Mjt2CO0WB9GwwH1BvfSz4N1gh8mQmOuDAVSVemRevevnEZCl4AkiKO4w6Sl90_6JeMvyjmzXV3rX4GCgY5uP0ziJ7JuDRyC3MTJJH1uBbU1L5Oml1FcNHHDZSlEIp4Qpt0buY66OVtZWWs_RbyWbXs-4ouSkhnq9r--7LPo6Pr8Zujuk4gY15Yk1ppuHyaQ2j_dYDbh7oxL6eTSPti42N3E3BF2IPoJ6LnmX18aQUPaum5gPUz1eRhnUOUSVg5CwYsF9jUwmpXNAH4kyx0iqMInGdTYPSym_URgxSSEaqU0uNmnFntKcE-JmkRjeCHx5nSgvVSFjIynNmoiBxpFZYa2H7x-MxYivH1wVxZJ4ivBj5BS3gN8Yz1xVsafnGfo5FRRZ-CzkaheulDEhy3EWtHfOjX92AO3lkiiBBVFshTY-t-SYu4F36cwMVg_C2EASoj0e4XaDAZq5pUHLYk-By6-5bsJpMBEWbbOpcZrKgGsmTBvam6GazS05TeCpUdDr_6xmAUBLflvMQtA6FVh85piGkARNNZ-JY2Dp6U_KsdH4_JDfd_Zhe65Qb_vMJQHRJ-1T72XUyWxay3-UADYwAvFFQLPK_RS5JoXSfNfyUd_ON47Fn67kcUUHeT5XsRKpw6i7MOMHfGNjf6bOaOlBdH-F-gNM_d

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 3965-tyler-the-creator-cruises-on-a-speedboat-in-lemonhead-video-696x392.com-698737
all-news.co/wp-content/uploads/2021/07/ 58 KB
58 KB 73ms
73ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3965-tyler-the-creator-cruises-on-a-speedboat-in-lemonhead-video-696x392.com-698737
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7877456db738e63e9292f78592d0299b90edc4be78d03828c76e6451088e5327

Request headers

:path: /wp-content/uploads/2021/07/3965-tyler-the-creator-cruises-on-a-speedboat-in-lemonhead-video-696x392.com-698737
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA; _awl=2.1625877491.0.4-301591c6-9a007756bda2750806ddbae4fe8aa93f-6763652d6575726f70652d7765737431-60e8ebf3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 09 Jul 2021 00:25:44 GMT
server: cloudflare
etag: "e648-5c6a5cff55b67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZC3zPuZP6u6XJA%2BRhjDta1aLBDSXV01xw8fW7Mbw2uXLcAQo%2B0FDdO5HFwHvDbn1iU3KH94m7rbrGw3M4ECrYbuQq2%2BLPs1TwNG1mllo2Uzgzn4bGrzqrZknzFoZLZc%2B%2Bh0PiNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 66c5ba50dce5c277-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58952

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3971-mix-and-match-covid-vaccines-the-case-is-growing-but-questions-remain-696x464.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d8570854a1dfb7616b00f6e9412b7390f069c78c1903af2c4ef7e516d8f3e9e

Request headers

:path: /wp-content/uploads/2021/07/3971-mix-and-match-covid-vaccines-the-case-is-growing-but-questions-remain-696x464.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA; _awl=2.1625877491.0.4-301591c6-9a007756bda2750806ddbae4fe8aa93f-6763652d6575726f70652d7765737431-60e8ebf3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 201
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 103449
last-modified: Sat, 10 Jul 2021 00:24:57 GMT
server: cloudflare
etag: "19419-5c6b9eafb32e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ndJ3yGqoIAkpBAfWGb2EOM5YFPZurOSG3ZoNZwKrDHg%2BFQfan8pYuzXml4UoPPhae3uJhr6Xh%2FDfc764sxmt%2FC3i%2FHwwSbp0Fue4apgRFEx%2FQ6CaPWBuf67SlwVVeFTYh%2FQE4j0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba50ecf1c277-FRA

GET
H3-29 200 3969-the-extra-point-following-julio-jones-trade-who-becomes-the-leader-of-the-falcons-696x392.jpg
all-news.co/wp-content/uploads/2021/07/ 41 KB
42 KB 14ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3969-the-extra-point-following-julio-jones-trade-who-becomes-the-leader-of-the-falcons-696x392.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87cb5e2b412a18da035eb5923814e2395fa753c4df966ef4531010347be897ff

Request headers

:path: /wp-content/uploads/2021/07/3969-the-extra-point-following-julio-jones-trade-who-becomes-the-leader-of-the-falcons-696x392.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA; _awl=2.1625877491.0.4-301591c6-9a007756bda2750806ddbae4fe8aa93f-6763652d6575726f70652d7765737431-60e8ebf3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6099
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 42446
last-modified: Fri, 09 Jul 2021 20:24:38 GMT
server: cloudflare
etag: "a5ce-5c6b68f8b2d0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RvryQ9DplNA%2F8bpSdQswjQpqYAa63Sllyyy08%2BPEPdZF5xjTF5NeCmjfh%2B2itREtssCsH4KJTGXZ5pupmRE2nWb8r1in9giWbU5m%2BfB7ev9lsFNuRWMfv5i2HrHC%2FZI%2FxfyZQsI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba510d07c277-FRA

GET
H3-29 200 3967-maybe-yes-napoli-boss-hints-at-interest-in-chelsea-defender-696x365.jpg
all-news.co/wp-content/uploads/2021/07/ 59 KB
59 KB 19ms
18ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3967-maybe-yes-napoli-boss-hints-at-interest-in-chelsea-defender-696x365.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4cb0df39488d2d4e2860a9017b35c32a84e5c06bd11a694ca4ef1bdd645419f

Request headers

:path: /wp-content/uploads/2021/07/3967-maybe-yes-napoli-boss-hints-at-interest-in-chelsea-defender-696x365.jpg
pragma: no-cache
cookie: _ga=GA1.2.194994674.1625877489; _gid=GA1.2.1340078391.1625877489; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA; _awl=2.1625877491.0.4-301591c6-9a007756bda2750806ddbae4fe8aa93f-6763652d6575726f70652d7765737431-60e8ebf3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6098
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 59905
last-modified: Fri, 09 Jul 2021 05:24:37 GMT
server: cloudflare
etag: "ea01-5c6a9fcd31678"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dgDcECK3KjMhGyh%2F%2FRL6xfb0I5jN2YoJFEFhP0YSLrWMsRMiWBneznQMCcQu8BOJX8VX0zec1zsBeg5MlRV1MJbZqwEh8ZmN2n7Dzlq15TEy17oiFI9%2FNclIMstjpH17QHaPgz8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66c5ba513d26c277-FRA

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7F72 42 B
518 B 58ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubjRoy6xNSkUKT3VhN_G2XiYrM0y-G-XuRTDu-bwBQNlRNqPwJwITqmNIW4GJ6gO_NB6GPkoin0h6IdPyjauoECghxcTJO75Xz40cOFhiYTIdn4NXVDQhjDldPjw&sai=AMfl-YQrq1Yl5IG_7j2jjTxJaZ9EKWEBmFrD8-zxGcHjFUHEqI_oW4K_xluxQgl5oJe7bRN29NHF0gmosVco&sig=Cg0ArKJSzAYQ-e7UImPbEAE&id=lidar2&mcvt=1000&p=56,586,234,1298&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210709&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1170913138&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625877489671&dlt=519&rpt=36&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 3965-tyler-the-creator-cruises-on-a-speedboat-in-lemonhead-video-696x392.com-698737
all-news.co/wp-content/uploads/2021/07/ 58 KB
58 KB 23ms
22ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3965-tyler-the-creator-cruises-on-a-speedboat-in-lemonhead-video-696x392.com-698737
Requested by: Host: all-news.co
URL: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7877456db738e63e9292f78592d0299b90edc4be78d03828c76e6451088e5327

Request headers

:path: /wp-content/uploads/2021/07/3965-tyler-the-creator-cruises-on-a-speedboat-in-lemonhead-video-696x392.com-698737
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 09 Jul 2021 00:25:44 GMT
server: cloudflare
etag: "e648-5c6a5cff55b67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kwSKDjIUpQmcG9NhoO%2BngyxnTJvP0hR0hpHT0lepPrzOAypmXygynqqLAd5vcyaPYRf3MJG4b1xoHV8azdlBm8Tq3%2FZVE8JMn1IPVhz%2FT4TFfDEaqHXgTk0Om%2Bzxvw4kN4E%2FxT8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 66c5ba518d61c277-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58952

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A463 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1BHHi0Xv3HOzyquygIQnJKbXbL-quByq2g2uP1D9Rsg9NdYoXb5gwQ64BqH13X75uTfJXf4P-s1U_fkRkQKNTmRsNOQ7ZpTzdF02MMDuoT3dkNQAIxB6Ibu9AgQ&sai=AMfl-YTP8P5x-f5aDXpqnAJ-moVzcpMMXTprts_E2Aj9qwueHJOre2GGFu78jdSVjM3FWpfC_y_BPG-m4beWYcUvG9XOLJZ1TZ0eyZY&sig=Cg0ArKJSzKbeiIlZVcddEAE&cid=CAASF-Ro2HqcrPWbokWMPJI81OpCAlmpteyM&id=lidar2&mcvt=1118&p=342,1010,592,1310&mtos=1118,1118,1118,1118,1118&tos=1118,0,0,0,0&v=20210709&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3117778216&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625877489723&dlt=703&rpt=2&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 admin-ajax.php Show response
all-news.co/wp-admin/ 0
708 B 311ms
311ms XHR
text/html 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://all-news.co/wp-admin/admin-ajax.php

Requested by

Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.25

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://all-news.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
content-length: 51
:path: /wp-admin/admin-ajax.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: all-news.co
referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://all-news.co/city-girls-stage-a-twerk-takeover-in-new-video-directed-by-missy-elliott/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-edge-cache: cache,platform=wordpress
date: Sat, 10 Jul 2021 00:38:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.25
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=12WDe%2FsWshjoTANmP0BlVTI9JZDSXTdcnAAmTBTRoch1Dfn8lmbiucTWnT8VkINURXUTLmsqOZ1NGhfjkD%2Fkx7Tc5DozV4%2FyBtWVYtq4kNNnuGw6YnNf97FVirZNaxajRd%2Fv57Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://all-news.co
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 66c5ba530e5ec277-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 109ms
30ms Preflight 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame B5BD 16 B
232 B 73ms
73ms Fetch
application/json 52.213.6.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Jul 2021 00:38:11 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-8439024877331049&su=all-news.co&doc=complete&pg_h=4492&pg_w=1600&pg_hs=4492&c=4&aa_c=2&av_h=191&av_w=934.500&av_a=173048.333&s=108&all_s=20&b=1889.938&all_b=782.891&d=0.173&all_d=0.255&ard=0.062&all_ard=0.144&dt=d

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 00:38:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOjr8t2yxG2dmfqptOvl9gAABFUAAAIB&google_push=AYg5qPIGzUDWLQL_qqs1XLOPeS17Gt96yGg2YgOo6QZT6EBsK5R-ZJAPicRwT9M2QCm1ImZmOmS9mouF4V_ZhISWfoVC01ivBHw&google_gid=CAESELSZH3F6aok6yFxOBYhn2Co&google_cver=1

Verdicts & Comments Add Verdict or Comment

220 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:38:01	Name: DSID Value: NO_DATA
.all-news.co/	1970-01-20 04:59:33	Name: __gads Value: ID=1908e07d6dd876e9-22b0496e79c800ea:T=1625877489:RT=1625877489:S=ALNI_MZPKYt_xea5f392JxDKx-QtbdJiNA
.doubleclick.net/	1970-01-20 04:59:33	Name: IDE Value: AHWqTUlUYX4gS9WanmqSMExbE7tOAUdrfXrw_KZkIPkzTGOYo2zzs7gqEDcIQOIdYsk
all-news.co/	1970-01-20 04:23:33	Name: cookielawinfo-checkbox-non-necessary Value: yes
.all-news.co/	1970-01-19 19:39:23	Name: _gid Value: GA1.2.1340078391.1625877489
all-news.co/	1970-01-20 04:23:33	Name: cookielawinfo-checkbox-necessary Value: yes
.all-news.co/	1970-01-19 19:37:57	Name: _gat Value: 1
.all-news.co/	1970-01-20 13:09:09	Name: _ga Value: GA1.2.194994674.1625877489

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.2(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16215012808405873833/js/script.js(Line 56) Message: 11750
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
all-news.co
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
cdn.onesignal.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
diapi.webgains.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
mtv.mtvnimages.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
sales.ffsice.nl
static-de.ad4mat.net
static.adsafeprotected.com
stats.g.doubleclick.net
steadfastsystem.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
104.111.239.217
13.225.74.57
142.250.181.226
163.172.29.155
185.64.190.78
2.16.186.200
23.45.99.241
2600:1901:0:76b9::
2606:4700:3032::6815:57ae
2606:4700:3032::ac43:8293
2606:4700:3039::6815:c03a
2606:4700::6812:e234
2a00:1450:4001:808::200e
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9d
2a03:2880:f12d:181:face:b00c:0:25de
2a05:d01c:1d8:8100:9065:1944:fd14:ef66
3.250.250.79
34.98.67.61
35.190.90.202
35.227.252.103
35.244.174.68
46.236.13.147
52.213.6.221
52.59.79.213
69.173.144.138
79.137.69.91
81.29.72.47
91.228.74.198
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
033d4d9f60025f01d25e2f152350f87253a8de049ad3be44072f4b2f2ab023c0
04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1
09ce3d921e25bb0b4c0e06a030ffb155623d14d3f444da9b659930f722ab26c9
0aebf53548d8e635830779fec7a7ba4ac0c91e5657ca2008d425a879dc99266b
0b35e873b9db413a09f24235dd3be68816999fc978a0bacf7b0ad5ee20947a5d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c149d19d7959788fd893eb8ea61ded909dbd0ec5fc4a29d530c7a6920b2bdb7
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cbcdf08e43731644d9cae7767ec2f29095d8d8646c42afbe8e50719be5b2f4a
0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e
0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2
0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
13fae36d9ba57cad618ea9714aa5b2f21ea59b379ceffa74a646099b898c0792
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
15b93c2a84f8b118a75afdc7ad60294de6f6cf4b3dd344fd13e6f516f59c0821
15c510fe49c3ec5fd57ac7ead341655699156a63fe10195347dfeae1dc53f909
1608463daf92a71b2a1c6ee7042cc0a1b6bf99f1a1816787c554536948a50ae4
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e2841124754099f5277b5fce6b7d1d80c413a914b1119812f899354f867b9eb
1e9f1520d706eaabe98193415871fbc1b8b9816388050c6094fea803fb320544
1ef5da18f8b87352f7274273f3a801336d73b18dd24bff1a4633fabe73bcb363
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a
246e451f75df33e66982087689694fbb4b287455a062ed81152bedcfe48e474b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2b515a59174f30fe7c694f1b81a78f567ce671b24988e2e6e737ecaed26871af
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
370cfc3b0c6fb7160b86add0e63b628f71a7cea2285f492acc389d9e9f62f8dc
395ca62cba27622e3fef1b659643f08356d6e0719db121805ceaa84ab9512dae
3c7212646f9d60bab57869985dbc5f3612f965fc6e7bbea778f6c783851b2baa
40959e58d777443a45ff5637ab2c5488a5e79cf6abcff50ffb1c77a11a322050
41a23e11eb8676f49330e9b6076c7020b1203a6439975333019d27be5f1d775c
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4776ac2e39935200633f4cd6e1cc8160522b0582e48f0df68af98e49789b828d
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4b83b010a2ede2ec516782f8671f1918fe5d3a828dfd9616280cd4e6646a8452
4c862613850a35b65f2dc67dffef14b86f931893424e2a584547b02ab7355926
4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fdc0e267377c023b5e6139205779ef920e3571c8f6c9abbb6a27ec03f705ea1
53508370870f07a8e0622c65b014e420acf79651a6a58343427f1032c76d91dd
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
601c294da3882446ada5fa6863efbe5005f86f3a1180ac8584d37ae387f76777
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6756eb6c17e32c0e881b795dca20de2b3bfcb5938d2da9d36a1010ce609a54f0
6956cbfddf2ce28aee043ecd2b7dbc3ada3954646d7009c6dd1b5ca173f136f9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
6d8570854a1dfb7616b00f6e9412b7390f069c78c1903af2c4ef7e516d8f3e9e
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74e8d264c2f115d03c3fdb8b43ef4ca5b993249b44373497d83cebbae4b32e78
7877456db738e63e9292f78592d0299b90edc4be78d03828c76e6451088e5327
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7da8d792ef771180eef9e592f2a3b5ebcc0f74eea6f5475d1a1e9e5665bb8448
849ab35f169ee98e89f9d13b741cbdd994043a902f033df3cffa0b65088402bb
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
87cb5e2b412a18da035eb5923814e2395fa753c4df966ef4531010347be897ff
8ae68c2cb028f3da7c758b509f9cfd5d8b5d2fd59c7ebb0692bac8b4db8788c2
8f8c9f1c471da8dae19554e26c6c423f31e5e687ea3892e4a73ada4be3179f86
905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4
90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6
980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f89adb807450b421fba04a426e97d1ee2fdd2ec3be9b67c0d9bb8531b782bce
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f7971df36643be1bb00f885786ecf067ba953ca020e2d158efcb9e82f55a80
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a8095175e1bca82af9104a2088aed993bdd8f3ad349136060954b6f6206140a6
a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ad62f6617623b2d97acafd1ff1860113f58fe4e10437fbcea14bb2ede2c24564
ae3c6bf322cea59b7a45174d504662f0e75d94787a9fe0a3014d92d5485c701a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1a508e46b91f219c24122931b20534de149dd8b0fef6286173410ee2641c1b4
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b72bf17f18ebe2d0f8f2125330e558b082b2455ed9c0a0e3c9a00376e43af17a
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
c518ad5d0adbc0754bac8b71c958312a6bd77d4e318500fec44d929e00f857ec
c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c7e85b4af227120a6e47636b8ee4b5499ad262654ef4e32ad0e5f393ff110cd9
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca1a8b33b9235387ccc62f6feef01676f8788c02fa1b235efdf0a36b600b9b1e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d3471bb0a9d265d444a4d6dcb3be99a684cc8348f97f4ad425de8c9922e41183
d641d794ffeb8ab4a93449307f4da1d4cb4a9c7020ad7da4c2f630b03de6d1f7
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
df85aac876d06864d10bb0fc5f45c6fa28870ed4eda966f3082d52e42173d962
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4119835228203de3978d98f27c2d326dd14f7d0fb412f9a05f4d1589cc83111
e8ae14082f4d2088f2bcc4f8e3da3955343dd1e39e0a5f9333c45d6428c3cfc5
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
ecdc50d52c709dcee691a38026d3fd60a962e65db82c697ebdc2d0e23bff66fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6a8ee35841ac2b43192c3ea24bbb8811060ce48f11d07f0f34f47ec2048a37
f4cb0df39488d2d4e2860a9017b35c32a84e5c06bd11a694ca4ef1bdd645419f
f663e1b93176a1ed2aa04489a7cc426d9601e9f4a559d798f7ac3c0283e0157d
fad528ffedd0e69f495a1cc5a9aa67bad6f23b587ac92c2a0a0124832f8c5e71
fd140742c354c506c7bb90f383e236b9b6886581b286fa810ebdd27540181846
ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3

all-news.co Open in urlscan Pro 2606:4700:3032::ac43:8293 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

198 Requests

99 %HTTPS

47 %IPv6

31 Domains

41 Subdomains

29 IPs

6 Countries

3266 kBTransfer

6411 kBSize

8 Cookies

10 Outgoing links

Page URL History

Redirected requests

198 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

all-news.co Open in urlscan Pro
2606:4700:3032::ac43:8293 Public Scan

Screenshot
Live screenshot

Full Image

198
Requests

99 %
HTTPS

47 %
IPv6

31
Domains

41
Subdomains

29
IPs

6
Countries

3266 kB
Transfer

6411 kB
Size

8
Cookies

198 HTTP transactions
7 data transactions