gagadaily.com Open in urlscan Pro
2606:4700:3035::ac43:cf0e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gagadaily.com/
Effective URL:
https://gagadaily.com/
Submission Tags: tranco_l324
Submission: On November 27 via api (November 27th 2021, 11:28:32 am UTC) from DE — Scanned from DE

Summary HTTP 162 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 25 domains to perform 162 HTTP transactions. The main IP is 2606:4700:3035::ac43:cf0e, located in United States and belongs to CLOUDFLARENET, US. The main domain is gagadaily.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 22nd 2021. Valid for: a year.

This is the only time gagadaily.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	2606:4700:303... 2606:4700:3035::ac43:cf0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	143.204.98.25 143.204.98.25	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:5400:17:b1c1:7040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6811:9342	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	143.204.98.64 143.204.98.64	16509 (AMAZON-02) (AMAZON-02)
21	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
4	34.249.15.20 34.249.15.20	16509 (AMAZON-02) (AMAZON-02)
1	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.214.64.244 34.214.64.244	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
2	143.204.98.80 143.204.98.80	16509 (AMAZON-02) (AMAZON-02)
28	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4 7	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
6	44.225.6.40 44.225.6.40	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
2	143.204.98.59 143.204.98.59	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.98.86 143.204.98.86	() ()
2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	() ()
1	2600:9000:215... 2600:9000:2156:0:6:44e3:f8c0:93a1	() ()
162	37

27 2606:4700:3035::ac43:cf0e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gagadaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-25.fra50.r.cloudfront.net

js.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:5400:17:b1c1:7040:93a1 (United States)

ASN16509 (AMAZON-02, US)

st.districtm.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:9342 (United States)

ASN13335 (CLOUDFLARENET, US)

services.districtm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-64.fra50.r.cloudfront.net

cdn.feature.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.249.15.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-15-20.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.11 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.214.64.244 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-64-244.us-west-2.compute.amazonaws.com

api.feature.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-80.fra50.r.cloudfront.net

c.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.225.6.40 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-6-40.us-west-2.compute.amazonaws.com

graph.feature.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-59.fra50.r.cloudfront.net

i1.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.86 (None, ) 1 redirects

ASN- ()

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (None, )

ASN- ()

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:0:6:44e3:f8c0:93a1 (None, )

ASN- ()

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com	597 KB
27	gagadaily.com 1 redirects gagadaily.com	3 MB
23	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	255 KB
11	feature.fm cdn.feature.fm api.feature.fm graph.feature.fm	51 KB
10	google.com 4 redirects adservice.google.com www.google.com	2 KB
8	gumgum.com js.gumgum.com g2.gumgum.com c.gumgum.com	71 KB
6	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com	119 KB
6	googletagservices.com www.googletagservices.com	208 KB
6	skimresources.com s.skimresources.com r.skimresources.com t.skimresources.com p.skimresources.com	20 KB
3	google.de adservice.google.de	1 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	10 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	788 B
2	sndcdn.com i1.sndcdn.com	102 KB
2	ytimg.com i.ytimg.com	75 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	districtm.ca st.districtm.ca	12 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	quantcount.com rules.quantcount.com	429 B
1	googleadservices.com partner.googleadservices.com	636 B
1	adnxs.com secure.adnxs.com	646 B
1	districtm.io cdn.districtm.io
1	districtm.net services.districtm.net	225 B
1	googletagmanager.com www.googletagmanager.com	36 KB
0	crwdcntrl.net Failed sync.crwdcntrl.net Failed
0	cloudfront.net Failed d2szg1g41jt3pq.cloudfront.net Failed
162	25

	Domain	Requested by
28	tpc.googlesyndication.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com pagead2.googlesyndication.com
27	gagadaily.com	1 redirects gagadaily.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
16	pagead2.googlesyndication.com	gagadaily.com pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	www.google.com	4 redirects tpc.googlesyndication.com 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
6	graph.feature.fm	cdn.feature.fm
6	www.googletagservices.com	googleads.g.doubleclick.net st.districtm.ca 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
4	g2.gumgum.com	js.gumgum.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net gagadaily.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	cdn.feature.fm	gagadaily.com
2	sb.scorecardresearch.com	1 redirects
2	i1.sndcdn.com
2	i.ytimg.com
2	encrypted-tbn2.gstatic.com	86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
2	86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	c.gumgum.com	gagadaily.com js.gumgum.com
2	api.feature.fm	cdn.feature.fm
2	p.skimresources.com	gagadaily.com
2	t.skimresources.com	gagadaily.com s.skimresources.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	st.districtm.ca	gagadaily.com
2	js.gumgum.com	gagadaily.com
2	fonts.googleapis.com	gagadaily.com 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
1	pixel.quantserve.com	gagadaily.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	gagadaily.com
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn0.gstatic.com	86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
1	encrypted-tbn3.gstatic.com	86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
1	www.gstatic.com	86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	secure.adnxs.com	st.districtm.ca
1	cdn.districtm.io	st.districtm.ca
1	r.skimresources.com	s.skimresources.com
1	services.districtm.net	st.districtm.ca
1	s.skimresources.com	gagadaily.com
1	www.googletagmanager.com	gagadaily.com
0	sync.crwdcntrl.net Failed	gagadaily.com
0	d2szg1g41jt3pq.cloudfront.net Failed	gagadaily.com
162	42

This site contains links to these domains. Also see Links.

Domain
facebook.com
instagram.com
twitter.com
tiktok.com
www.youtube.com
www.facebook.com
w.soundcloud.com
ffm.to
soundcloud.com
www.feature.fm
www.invisioncommunity.com

Subject Issuer	Validity	Valid
gagadaily.com Cloudflare Inc ECC CA-3	`2021-04-22` - `2022-04-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gumgum.com Amazon	`2021-10-15` - `2022-11-12`	a year	crt.sh
st.districtm.ca Amazon	`2021-07-06` - `2022-08-04`	a year	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
feature.fm Amazon	`2021-06-03` - `2022-07-02`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
api.feature.fm R3	`2021-11-13` - `2022-02-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
graph.feature.fm R3	`2021-11-13` - `2022-02-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.sndcdn.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-13` - `2022-02-14`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://gagadaily.com/
Frame ID: 3F2E16798265375C055D3DF221D721D6
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 56D8E681D06B1162868D9CFC31B37480
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.04953592368919346
Frame ID: 71A76483FA2530E09281A84A74593059
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 39E34B53F9AF8123451D6AA4240D6CF5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&adk=1812271804&adf=3025194257&lmt=1638012475&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgagadaily.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504754&bpp=4&bdt=180&idt=284&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3695015884266&frm=20&pv=2&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=296
Frame ID: A036811D8747AE11BB4C75B5D15D3801
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=280&slotname=2495326838&adk=2784051227&adf=530655446&pi=t.ma~as.2495326838&w=728&fwrn=4&fwrnh=100&lmt=1638012475&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504758&bpp=5&bdt=184&idt=325&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aTeRER9FrS&p=https%3A//gagadaily.com&dtd=330
Frame ID: A0D1EA99D67C58231918F56A37FFA1D4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=250&slotname=2975587628&adk=3073299649&adf=3336167786&pi=t.ma~as.2975587628&w=300&lmt=1638012475&psa=0&format=300x250&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504763&bpp=1&bdt=190&idt=336&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=490&ady=1246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jvxcmol8Rf&p=https%3A//gagadaily.com&dtd=339
Frame ID: 048A04E07370935BC87E4FE281694980
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344
Frame ID: 98A4036D5A5394CD874291EAA93C825E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=280&slotname=6878940032&adk=2044434317&adf=2967367454&pi=t.ma~as.6878940032&w=1200&fwrn=4&fwrnh=100&lmt=1638012475&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=349&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250%2C300x600&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=2009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=VWNIjZfymO&p=https%3A//gagadaily.com&dtd=352
Frame ID: 9977516112A75CCB14EC8AB788FBBD3F
Requests: 1 HTTP requests in this frame

Frame: https://c.gumgum.com/images/pixel.gif
Frame ID: 53EB8D55853CBB3812A6D102C2C4816E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=1335365576&adf=1158750195&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504765&bpp=1&bdt=191&idt=355&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250%2C300x600%2C1200x280&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=650&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=T8aPbiUQRw&p=https%3A//gagadaily.com&dtd=357
Frame ID: 6C7340AE8F479BF1834910DC747FAAFA
Requests: 9 HTTP requests in this frame

Frame: https://c.gumgum.com/images/pixel.gif
Frame ID: 647A89D2DE1E6833E1F1928BAFC01FE6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7B3F3117452E8CB8CE3C07A2175FCB14
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Frame ID: 6C11ADB781ED985FCCAEE867DE352CBD
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: CE72C4E46C6856A2FE6D1F2767A644B5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AF8BD39B7FAC9EFEB78645EE401D1A67
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D8BFC690B9C24802003A838C0C31FA07
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 251EEBB5ADC1BAA8F49A135609EE6D75
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Frame ID: 6331E156DDFCE5C39DF19F0BBA86D863
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Frame ID: FFAE78D7DD61361E101B47F72456AB04
Requests: 1 HTTP requests in this frame

Frame: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DF19CAE93D798613DA5B79F9F5B9EBDC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Frame ID: FF2DE4657059BDB55A480AF7709EB42E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: AEF85054A461711ADE2C3431F4DF92CB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 89807B52C59EAC7688658B391E320A6F
Requests: 2 HTTP requests in this frame

Frame: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E0114FCE74963FEA53B4ADBEE1B176A6
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4BC958F15B12F540B0A658CBD82A9B13
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4556118F4703449B82E619173F071B0
Requests: 2 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 78D40A2E4B494556AE2961DAD7C6DE6D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gaga Daily

Page URL History Show full URLs

http://gagadaily.com/ HTTP 301
https://gagadaily.com/ Page URL

Page Statistics

162
Requests

98 %
HTTPS

58 %
IPv6

25
Domains

42
Subdomains

37
IPs

7
Countries

4292 kB
Transfer

7304 kB
Size

35
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/gagadaily

Search URL Search Domain Scan URL

URL: https://instagram.com/gagadaily

Search URL Search Domain Scan URL

URL: https://twitter.com/gagadaily

Search URL Search Domain Scan URL

URL: https://tiktok.com/@gagadaily

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/gagadaily?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/MptYvWM-LfA?autoplay=1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=622648094541819&display=popup&href=https%3A%2F%2Fwww.feature.fm%2Fshare%2F6120b86f3c000015d3e8770c.61a2165b631b117479efa724&redirect_uri=https%3A%2F%2Fwww.feature.fm%2Fscripts%2Fclose-window.html
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://w.soundcloud.com/player/?url=https%3A%2F%2Fsoundcloud.com%2Fdrehz%2Fsets%2Fmy-lo-fi-christmas-volume-1%3Fsi%3D2fca901d33a148f6a7d0a2a6dfe5aaf9&auto_play=true&hide_related=false&show_comments=true&show_user=true&show_reposts=false&visual=true

Search URL Search Domain Scan URL

URL: https://ffm.to/mylofixmasvol1
Title: Hear My EP

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/tdVElKUtwww?autoplay=1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=622648094541819&display=popup&href=https%3A%2F%2Fwww.feature.fm%2Fshare%2F619823123b0000a9094c1f8f.61a2165bed0e5e6448c16834&redirect_uri=https%3A%2F%2Fwww.feature.fm%2Fscripts%2Fclose-window.html
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://w.soundcloud.com/player/?url=https%3A%2F%2Fsoundcloud.com%2Falexjordanfnm%2Foctober-forever-with-nbt-jay%3Fin%3Dalexjordanfnm%2Fsets%2Ffarewell%26si%3D1f48aaa9dd414e2b979661ec300addd5&auto_play=true&hide_related=false&show_comments=true&show_user=true&show_reposts=false&visual=true

Search URL Search Domain Scan URL

URL: https://soundcloud.com/alexjordanfnm
Title: Discover Me

Search URL Search Domain Scan URL

URL: http://www.feature.fm/
Title: feature.fm

Search URL Search Domain Scan URL

URL: https://www.invisioncommunity.com/
Title: Powered by Invision Community

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gagadaily.com/ HTTP 301
https://gagadaily.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOUV6ZLaQjh55wMF8otZsPFNE0wZJKVRYLj064dA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOUV6ZLaQjh55wMF8otZsPFNE0wZJKVRYLj064dA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/916/8/2.gif?puid=628a1bb9-6bae-45ef-97dd-9f595eef8323&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOUV6ZLaQjh55wMF8otZsPFNE0wZJKVRYLj064dA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/124/7/3.gif?puid=628a1bb9-6bae-45ef-97dd-9f595eef8323&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/441/146/6/4.gif?puid=0903f1b7-b854-4546-a76d-b9084d8905a2&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESELD9Sg6O70UA3nwuFgvPrcM&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELD9Sg6O70UA3nwuFgvPrcM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESELD9Sg6O70UA3nwuFgvPrcM%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8313753381490270782&opid=apx&ops=&utidl=tech:goo:CAESELD9Sg6O70UA3nwuFgvPrcM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A22821850788&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 162

https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=1&c4=44febe90&c7=https%3A%2F%2Fgagadaily.com%2F&c8=Gaga%20Daily&c9=&cv=2.0&cj=1&ns__t=1638012511770 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=1&c4=44febe90&c7=https%3A%2F%2Fgagadaily.com%2F&c8=Gaga%20Daily&c9=&cv=2.0&cj=1&ns__t=1638012511770

162 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gagadaily.com/
Redirect Chain

http://gagadaily.com/
https://gagadaily.com/

51 KB
10 KB

378ms
359ms

Document
text/html

2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gagadaily.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7bb7eb3281ee0b62ddd1929f3d91a1473044e92ff4a904dea182bd300087b10

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-type: text/html;charset=UTF-8
pragma: no-cache
x-ips-loggedin: 0
vary: cookie, Accept-Encoding,Accept-Encoding,User-Agent
x-xss-protection: 0
x-frame-options: sameorigin
x-ips-cached-response: Sat, 27 Nov 2021 11:27:55 GMT
last-modified: Sat, 27 Nov 2021 11:27:55 GMT
expires: Sat, 27 Nov 2021 11:29:54 GMT
cache-control: max-age=90, public
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIr%2B5NPjpFKhHwNyTavah2XRMp19HlNjWwGqJQVprOxBw20%2Bpo5mtLIL1J9Ft%2Bj1SC8ku9jL9x4BqjPOrrZiUmsA2cvuusvfn4c0NPgrQF5duEHoX1znfEWJJ8RtGeH9B59A90f6s1WKn0vG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b4b03475e372c26-FRA
content-encoding: br

Redirect headers

Date: Sat, 27 Nov 2021 11:28:24 GMT
Content-Type: ;charset=UTF-8
Content-Length: 0
Connection: keep-alive
x-ips-loggedin: 0
vary: cookie,User-Agent
x-xss-protection: 0
x-frame-options: sameorigin
location: https://gagadaily.com/
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Bn9s5u5W1MqHVT0axdql5vGfnwW%2BR4egM8VJWZ3fhe2erxJOBwE0dfNMIi3pXNAclGCMs6O4y%2FpyrP3iuXSBwxsBf7bXTIT75MYuoks59E1YLSzowLloKuO9brxHnYeW8ipYoXB7vXS3gi5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6b4b03459d6c4eaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 53ms
25ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-10041953-1

Requested by

Host: gagadaily.com
URL: https://gagadaily.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8feef7ec020853c28a2ba818812471d03ff6b19860b02d8632c1d224b12d85b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36113
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Nov 2021 11:28:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 48ms
20ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:300,300i,400,400i,500,700,700i

Requested by

Host: gagadaily.com
URL: https://gagadaily.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb5537408d5f96d4f93f55ca2a36d3de397281d7eaa5b791ba8c312b72157973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 11:03:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Nov 2021 11:28:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Nov 2021 11:28:24 GMT

GET
H2 200 341e4a57816af3ba440d891ca87450ff_framework.css
gagadaily.com/uploads/theme/css_built_87/ 289 KB
55 KB 23ms
21ms Stylesheet
text/css 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/css_built_87/341e4a57816af3ba440d891ca87450ff_framework.css?v=d238e0516d1620751828
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70bcf5330e20384e00f6f608252f65166975648750e930e93ea4b0fdeb8c31f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 326019
cf-polished: status=cannot_optimize
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 29 Apr 2021 01:52:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNMCvp4J%2F%2Bkip54tAPSbZQrVu2VhqbtKm%2FOzwqCgGuBOmUgNOVyWIENaYQeeByGm95xuDw90x8DYCgc1WpOQPcoFlgQuZyeeTyzqT%2BPPU7G7Y7oJlfh6mPuzk3Snh6d6Et1c%2BWopvVAfuERC"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
cf-ray: 6b4b0349ba372c26-FRA
expires: Tue, 30 Nov 2021 16:54:46 GMT

GET
H2 200 05e81b71abe4f22d6eb8d1a929494829_responsive.css
gagadaily.com/uploads/theme/css_built_87/ 34 KB
7 KB 20ms
18ms Stylesheet
text/css 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/css_built_87/05e81b71abe4f22d6eb8d1a929494829_responsive.css?v=d238e0516d1620751828
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3768de08bab9594d97b9f68ad815cc8b74d1355ee58217f632df641b66b892e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 325941
cf-polished: origSize=36076
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 01 May 2021 16:30:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSjs9n96KDkoXKE3H3uBA7xC%2FZuRYFKelKtkY2MJevM8rdG4b02%2BANx3EiFNqWsrj%2Bz%2Bk4FyX0XgTfe9ubrbgxX2T2cKRegyTRtjTma5P6QdULHhcLsqUobDYvXdv0O1iFGRu8dElxoUr1V0"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
cf-ray: 6b4b0349ba382c26-FRA
expires: Tue, 30 Nov 2021 16:56:03 GMT

GET
H2 200 90eb5adf50a8c640f633d47fd7eb1778_core.css
gagadaily.com/uploads/theme/css_built_87/ 19 KB
5 KB 17ms
16ms Stylesheet
text/css 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/css_built_87/90eb5adf50a8c640f633d47fd7eb1778_core.css?v=d238e0516d1620751828
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9d782e09e3a9a2ddb8c883b6fc760a5f19647e2c7387ce30c7f99120e1c3b89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101477
cf-polished: origSize=19799
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 28 Apr 2021 12:27:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUciAJprLoICPt3j0y5Ht%2Bwao%2FKyXR5JDgXlgUrjaGNMnHLXFdypmHbKz%2BfacK%2FisBHd0DEbzLLlzAIEH%2FrbC2%2FjGwKTrd4BNZZWfzPX%2FFuFGmewIqXQk%2F7%2BnIWsUINltIX3C8rSR2WF8CPi"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
cf-ray: 6b4b0349ba392c26-FRA
expires: Fri, 03 Dec 2021 07:17:06 GMT

GET
H2 200 5a0da001ccc2200dc5625c3f3934497d_core_responsive.css
gagadaily.com/uploads/theme/css_built_87/ 5 KB
1 KB 17ms
16ms Stylesheet
text/css 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/css_built_87/5a0da001ccc2200dc5625c3f3934497d_core_responsive.css?v=d238e0516d1620751828
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db63c6f0a4b2975c893e2dcefd885ac39e52ab4eaca6a31d058945605d47b17d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 377616
cf-polished: origSize=5076
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 28 Apr 2021 12:27:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxfMB%2BzcWbvzltZCRRfnD5EGsBqru%2FnOMedawqmFdDfLN9Ry4qRMzX70p9stzYcS5fnOU165PvVRnlLVnITl9LDrFRFOx%2FIXMmFriQpRdGgVfATd0KXgvWRxERXweHvS8mER%2BQ%2BAKS45zUPQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
cf-ray: 6b4b0349ba3b2c26-FRA
expires: Tue, 30 Nov 2021 02:34:48 GMT

GET
H2 200 97c0a48072ce601c9764cb6b00a6588a_page.css
gagadaily.com/uploads/theme/css_built_87/ 296 B
576 B 29ms
28ms Stylesheet
text/css 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/css_built_87/97c0a48072ce601c9764cb6b00a6588a_page.css?v=d238e0516d1620751828
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 504d98fc0bc0608889f7968422466204d23c561905ad2bd050bdc6643f6aa8b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103778
cf-polished: origSize=316
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 28 Apr 2021 12:41:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nz45vqvNOs0yGPSx0vesf6E125HS9W3pEVLTFYWoGvYDim5y0sWVoaqZferLZQmpxF%2BM%2BlzrhlP%2Bnr0Ye%2FhFVFs%2BXDuNoGWgHdpaoB8RNmCe3x64B6G9DzzH0is0in6OIiW6hdGJsRwINRUT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
cf-ray: 6b4b0349ba3d2c26-FRA
expires: Fri, 03 Dec 2021 06:38:45 GMT

GET
H2 200 258adbb6e4f3e83cd3b355f84e3fa002_custom.css
gagadaily.com/uploads/theme/css_built_87/ 21 KB
5 KB 18ms
17ms Stylesheet
text/css 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/css_built_87/258adbb6e4f3e83cd3b355f84e3fa002_custom.css?v=d238e0516d1620751828
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0b5993e011e71b931f2c2baceb1c175363539bef24b4b3a6cd43c6d938da767

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 325941
cf-polished: origSize=22414
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 11 May 2021 16:50:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxaoIIPCmQFZROnabHG85X4jGVXFMVrPmQYLTQz1cD42OqN%2BG7Us3vpfb%2FttulIn%2FvJCIeBpbBAd0oEKYxVGxMjSLz%2BN0MHkOVGm47PPaLRlJ%2Fsqyb7QYNzMrvl2hGReocfiHhZtN8zejoLB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
cf-ray: 6b4b0349ba3f2c26-FRA
expires: Tue, 30 Nov 2021 16:56:03 GMT

GET
H2 200 logo.gif
gagadaily.com/GGD2020/ 2 MB
2 MB 24ms
21ms Image
image/gif 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gagadaily.com/GGD2020/logo.gif
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c57746b1dd4445b4953a0c474634d54f3ca01afee056f12bbace1d7c24e9128d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101672
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2172973
last-modified: Mon, 23 Mar 2020 15:49:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Szr0RDKXvvMwDiGf0F6F3y6wQTHfHJqZw4u5v0UjCfjn%2BgplVu4lcQQrz1Kj7ToTPtLASG5tsVTyVTRrdm6xMxgdYkaJ3V2wGuIF5C2AarJEgKv09Tz3MSocwAE8fFliZwh%2FA9MZHdfAI5mH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6b4b0349ca5a2c26-FRA
expires: Fri, 03 Dec 2021 07:13:52 GMT

GET
H2 200 tiktok1.png
gagadaily.com/GGD2020/ 631 B
1 KB 23ms
21ms Image
image/png 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gagadaily.com/GGD2020/tiktok1.png
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47d1943534243c0ac5921c144aee993e8990ab96433dcd2f989f1eda5be18f1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29885
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 631
last-modified: Sun, 15 Mar 2020 18:58:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8Pha4qcQYKPKNpF7YWe63VX%2FF2VeCWYaccxAaZ5WvToitT%2FsLr%2BM1CBe%2B0cRtCqszstu3d9dHXpIieoz%2FYCxZNHH8RAxYfrtV%2B6PJqd5bt9TdERDLxFwxYRXFpVZmZoGgaQpAQyUnO16TuH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6b4b0349ca5c2c26-FRA
expires: Sat, 04 Dec 2021 03:10:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 60ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0534452931345127

Requested by

Host: gagadaily.com
URL: https://gagadaily.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71e15d5a8769ed219c47aeaaa7d022226039c7539131aeb80efe48eb0d78f7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gagadaily.com/
Origin: https://gagadaily.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51183
x-xss-protection: 0
server: cafe
etag: 16111273374876763256
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 11:28:24 GMT

GET
H2 200 icon1.svg
gagadaily.com/GGD2020/ 743 B
768 B 22ms
20ms Image
image/svg+xml 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gagadaily.com/GGD2020/icon1.svg
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c3dfdabffd9eb1d77595df84b9efb9122f494a7a557cb69af6410a27460fd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Mar 2020 10:07:38 GMT
server: cloudflare
age: 103730
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2F4%2B7d3MOh9IHTWifYsKZWajA%2FpHo6Vbt7YkxIdK7ZmpdrvwIEYOdjw%2F1AxheFXY2x0CoWGo31HZ5jrkmPuRSbKx5StgYAi7I1cvtZbWp%2F9pQ%2BlQeO%2F%2FcXP9uxAq8BAfUYQYdBkh4wY82519"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4b0349ca5e2c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 03 Dec 2021 06:39:33 GMT

GET
H2 200 icon2.svg
gagadaily.com/GGD2020/ 552 B
701 B 23ms
21ms Image
image/svg+xml 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gagadaily.com/GGD2020/icon2.svg
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d1b7e628c69ab51a8dd5a5707947948a344968799859fd33941e62d8218937d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Mar 2020 10:08:35 GMT
server: cloudflare
age: 197796
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OriQx%2FnwpBIO%2FDuLgY1QzuoNYZmJ2NxAHsqkHDoSL3W4N3DEdkXwBjn%2BvbiGSJIfmXZw4MEG7XJC5fe4qlM97%2F2XOv6KgFlmbAFvd6Mm0%2BZ50ATK0YL0qgXylq7%2BmLwms7nycTrshBa4kRaJ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4b0349ca5f2c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 02 Dec 2021 04:31:47 GMT

GET
H2 200 icon3.svg
gagadaily.com/GGD2020/ 504 B
610 B 29ms
27ms Image
image/svg+xml 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gagadaily.com/GGD2020/icon3.svg
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a98194af49364b4b567ebffe281727e0ff6abad5062846c6eba96265c574f608

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Mar 2020 10:11:10 GMT
server: cloudflare
age: 103778
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJghc9qIWcjkmGqryrSf8s8tIKWwEfL602CD7IoVHwtfbs2L5X2jZ%2Foh9qiGWD2f13qkdrvOYqT8ZLOWZYzSRyRQelx00872qj8cXT%2B8jxyjyyfEPtuOvRaV%2F3%2FBKaTCAIgCvQHn%2FCvnPwxw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4b0349ca602c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 03 Dec 2021 06:38:45 GMT

GET
H2 200 icon4.svg
gagadaily.com/GGD2020/ 661 B
682 B 34ms
32ms Image
image/svg+xml 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gagadaily.com/GGD2020/icon4.svg
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 122c03126a27f909f0687f0c6caae4f4629648dbf932927a4b1301a76f21c08c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Mar 2020 10:11:10 GMT
server: cloudflare
age: 462198
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUq2AkkeplLkXosiS07muCHfbfJoarp7qcHyUuRJx5OSrmxvGYdrAa8VLyuw1JWnRux%2BasLVzHLm1buV2RNbiD5OqyeGmNqk8e96amozJwxUDqrb27xAQcY3CPWfObTbiNblQOILkqjYYAIB"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4b0349ca622c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 29 Nov 2021 03:05:06 GMT

GET
H2 200 slot.js Show response
js.gumgum.com/ 78 KB
30 KB 62ms
19ms Script
application/javascript 143.204.98.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/slot.js
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-25.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f571d90a45d019c1238025969d5c38acf536d4eb925668df1273e700af8474ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 2mvMlC5BCb9jw8Mo25IIbRdulrCeblw0
content-encoding: gzip
x-amz-meta-timing-allow-origin: *
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"afca57e4dc3a88b3029e6d7a10ebc741"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
date: Sat, 27 Nov 2021 11:28:24 GMT
last-modified: Thu, 25 Nov 2021 01:31:55 GMT
x-amz-meta-access-control-allow-origin: *
x-amz-cf-id: FnF9S77tgruY56HprLd12u5ptTdNVQFBQQzKBtWDFSdTCx2YXNflog==

GET
H2 200 params.236658.js Show response
st.districtm.ca/ 2 KB
736 B 78ms
25ms Script
application/javascript 2600:9000:2156:5400:17:b1c1:7040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.districtm.ca/params.236658.js
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5400:17:b1c1:7040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e703d666fb7a3ed1576fe1c27800a1f9443e3ef8982c5bf6fa0a3cc378a25e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:25:11 GMT
content-encoding: gzip
last-modified: Thu, 02 Aug 2018 00:16:44 GMT
server: AmazonS3
age: 79394
etag: W/"7b7bf387c5b28fba59a0adb96bf3925a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 1imyIRAtfuMdglSS-AKx1R0tXOyPC3EeT8IZwgGzbxGkFQnlf4nbhA==

GET
H2 200 supertag.js Show response
st.districtm.ca/ 40 KB
12 KB 70ms
18ms Script
application/javascript 2600:9000:2156:5400:17:b1c1:7040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.districtm.ca/supertag.js
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5400:17:b1c1:7040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 864c65883b83f3405a9cd723541e915e46a5b5bbae5d7d8d0384b5ca6e81d465

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:11:42 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 17:18:16 GMT
server: AmazonS3
age: 31173
etag: W/"9960c629042fce4158c018f810c78721"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: r6fBkk5zYQf-kg5jUxuq1tg0dvsJajO9cjHb8Z5-WLohBcn1Zm5xoQ==

GET /
d2szg1g41jt3pq.cloudfront.net/ 0
0

GET
H2 200 email-decode.min.js Show response
gagadaily.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 13ms
9ms Script
application/javascript 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gagadaily.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: gagadaily.com
URL: https://gagadaily.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 17:32:49 GMT
server: cloudflare
etag: W/"619bd441-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDLj8nBel5OcBhzY1Msa4AHN5HVpXcx7W35ZM79azazTFZ0h%2FZosC7LKiBKI4xYGhifrRnTWRBA%2B3u%2B9QYqvpIcfZAkT0%2F%2FfpbWoS3Fc%2FpJItaIb%2FVIiiufIOAazAEWoHd8dlDNo%2FRBC4GeB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4b0349ca4e2c26-FRA
vary: Accept-Encoding
expires: Mon, 29 Nov 2021 11:28:24 GMT

GET
H2 200 root_library.js Show response
gagadaily.com/uploads/theme/javascript_global/ 383 KB
119 KB 32ms
28ms Script
application/javascript 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/javascript_global/root_library.js?v=d238e0516d1637843140
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceb6c8882d9bc2794f5b173df6a16482b3083ccfc0e0613953674558b29de460

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169356
cf-polished: origSize=392709
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 11:16:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YhgzBdnYCRiqGvM%2Bq9wiRi%2BUqDuLD5W56uMfIWPU0TiiuEmZqvsE2QBaD24zoisr7GJThdyw6kDsVnvCrdLcayMB3Bp4mWXlyAohifpv88G76HwCpEKQ%2FRXODsK8lJyTJqgxJXynqFtkkBL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6b4b0349ca4f2c26-FRA
expires: Thu, 02 Dec 2021 12:25:47 GMT

GET
H2 200 root_js_lang_1.js Show response
gagadaily.com/uploads/theme/javascript_global/ 95 KB
30 KB 31ms
27ms Script
application/javascript 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/javascript_global/root_js_lang_1.js?v=d238e0516d1637843140
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db41b89054c29d62857d1f45a0d294574862d84508c03b1db32d917f0137528b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169356
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 11:16:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqn%2BXeHMFFXADFiHgRIxrjjTqI4nti1bVvKklTc2FhoWRq%2FAoWCaW%2BBYgC9rN%2BM5ckck71GKbaUh8ncb%2BwxNQvUECaJqT2VXb16%2BvsyiPUiBvEMfvQ9Gg324ZM3Y%2FnNCpKqXwFSKw3cnO8f7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6b4b0349ca512c26-FRA
expires: Thu, 02 Dec 2021 12:25:47 GMT

GET
H2 200 root_framework.js Show response
gagadaily.com/uploads/theme/javascript_global/ 409 KB
96 KB 31ms
27ms Script
application/javascript 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/javascript_global/root_framework.js?v=d238e0516d1637843140
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31411682816809eec06fcfaee80c67a4fb5c9c9039b337a5266cfbde24de2dbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169356
cf-polished: origSize=419474
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 11:16:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3ebz3DWWKBv1aE4NoobJZCETBitTEswEkjxzt3NHHbEvW6C1IMFJ33n1dXIApMThdqkEihGKCPpa95ByDIbhXV2y59ZsVgxu8JiWy11zzlgpumamGPf7TVooXZDNjn7qCdvGv1IUtl6uhrt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6b4b0349ca522c26-FRA
expires: Thu, 02 Dec 2021 12:25:47 GMT

GET
H2 200 global_global_core.js Show response
gagadaily.com/uploads/theme/javascript_core/ 36 KB
9 KB 35ms
32ms Script
application/javascript 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/javascript_core/global_global_core.js?v=d238e0516d1637843140
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 084a69b8a10c3375e9871f8c166ebcab053aff4c44dfc550094c0ca37ec9abda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169356
cf-polished: origSize=36583
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 11:16:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BV5lQ2ZoYLODymWPsp4EG4b%2BOnXIfNk6mNOTDGkCujLfEDEjqYzRlznoMxuG5J6atgFfm5gKWDePctVkRVwQtPUkfOlRiXcLLGMcznhQEtKDyu%2BHE4XFa3bxaga1Ap9xUHPZ9HU9qJaZ5VN5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6b4b0349ca542c26-FRA
expires: Thu, 02 Dec 2021 12:25:48 GMT

GET
H2 200 root_front.js Show response
gagadaily.com/uploads/theme/javascript_global/ 100 KB
23 KB 25ms
21ms Script
application/javascript 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/javascript_global/root_front.js?v=d238e0516d1637843140
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f1945072f7382a78b4fd022d3b73809e8bc450a35a8a73e599bb87f154fa360

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169356
cf-polished: origSize=102800
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 11:16:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUlzys0R73ZVSF6RQNye45hHPpgvQawVbyHyQaNlWKyhL7sTdEVPQeTPhNOwWbRKOtwL0S%2BfIHu3dvMGqhIsWCD1RazFLE4X0tmiA%2B53mWLAJd0qEBIYvkW1YdGbkEfrW%2FUa1oDktNo4ueTX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6b4b0349ca552c26-FRA
expires: Thu, 02 Dec 2021 12:25:48 GMT

GET
H2 200 front_front_core.js Show response
gagadaily.com/uploads/theme/javascript_core/ 26 KB
7 KB 31ms
27ms Script
application/javascript 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/javascript_core/front_front_core.js?v=d238e0516d1637843140
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eabeb7a75c8848f482bad5a4ff11c916b05a8ec80ec1f378316b7505a7370017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169356
cf-polished: origSize=26900
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 11:16:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oWt0pJhYKc%2BMiFLQiDRqlDUSoaVNR8vgK7RXcVqTVW6BrnZY2nGqT2YaI3ZWR21EBLFmU8E3lMDbSI0JhgysEBmu5njfUiFElyw8r73AsHA7O5lSPKr4uP23fZQNpkPu5A%2FNeXnrHpvWxGX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6b4b0349ca562c26-FRA
expires: Thu, 02 Dec 2021 12:25:48 GMT

GET
H2 200 front_app.js Show response
gagadaily.com/uploads/theme/javascript_cms/ 3 KB
2 KB 25ms
22ms Script
application/javascript 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/javascript_cms/front_app.js?v=d238e0516d1637843140
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af231f62a58033c0b49bf9fa34b93741d211eb3665e722d88e2a9da320d5359d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169344
cf-polished: origSize=3468
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 11:17:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uT4iClcgZ71IwB2KM7a%2FsFli8gxb9QmrtCisgMl%2BVMSxwg1ynYmiRWqwr%2BAl02mmk%2FdWaiknRmPndeXvCU%2FMq%2Ba11aTG%2FGOPty94%2BgIQ94VflEfYZmx1oMyUvXXXohhyaB0u4wm8IEejOM9A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6b4b0349ca572c26-FRA
expires: Thu, 02 Dec 2021 12:26:00 GMT

GET
H2 200 root_map.js Show response
gagadaily.com/uploads/theme/javascript_global/ 2 KB
592 B 25ms
22ms Script
application/javascript 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/uploads/theme/javascript_global/root_map.js?v=d238e0516d1637843140
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4f57fe966d6031b207646243f1529fcff6dde7037d17cd5084bf955b13038d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169356
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 25 Nov 2021 12:25:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YXCExhNm0qpJLa0UDoYvw8Ph81RoSXST4KtXItJlEasW98HhLrplFMh%2FJu%2BdRZH1bJSzgCjrhIAAI6UUuGUl9Y1l2WnOgn0%2BwU4kob%2BcayQ7UKI8IxCAaLZ7mphS3EOk2%2F8ytF242mH4AcB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6b4b0349ca592c26-FRA
expires: Thu, 02 Dec 2021 12:25:48 GMT

GET
H2 200 107945X1565374.skimlinks.js Show response
s.skimresources.com/js/ 49 KB
19 KB 47ms
14ms Script
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/107945X1565374.skimlinks.js
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e460d2ec58094fc7103adb347455b44c05d10f2ccad870e162f81c6596e1622

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 09:25:20 GMT
server: AmazonS3
x-amz-request-id: 10EH9CY9A01N5GP5
etag: "e67558bedf16e6886fddd9b682fe310d"
x-hw: 1638012504.cds151.fr8.hn,1638012504.cds137.fr8.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 18774
x-amz-id-2: 88gHTcIIGE+PlBu+ZVK+MqpCwtGTBr4Sqaqw7f3P/1Zj4/YV1vqIGk7/hkGnaoTElXPZAtKW4HE=

GET
H2 200 services.js Show response
js.gumgum.com/ 100 KB
37 KB 68ms
27ms Script
application/javascript 143.204.98.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/services.js
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-25.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8ab7ae9e9ccf94258b9243409edf9356ec6a80a3a44cf664a24e8517861af91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: dTY2chcC8G6pltgaw6OzWwtYnmtZEIpe
content-encoding: gzip
x-amz-meta-timing-allow-origin: *
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"d2d6a8fccebd3f1a5411b38cdbcb870e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
date: Sat, 27 Nov 2021 11:28:24 GMT
last-modified: Thu, 25 Nov 2021 01:31:55 GMT
x-amz-meta-access-control-allow-origin: *
x-amz-cf-id: XlGL0to4_ZB2jbs5TDvw0TKSIqUuGuCcQFIESf5pxTMAA-Zq81EUxA==

GET
H3 200 GraphikRegular.woff2
gagadaily.com/fonts/GraphikRegular/ 43 KB
44 KB 27ms
27ms Font
font/woff2 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/fonts/GraphikRegular/GraphikRegular.woff2
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/uploads/theme/css_built_87/258adbb6e4f3e83cd3b355f84e3fa002_custom.css?v=d238e0516d1620751828
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6db44a1174d1106a574b61ff74135c0303b968aade398acd950cf46ff77de9e

Request headers

Referer: https://gagadaily.com/uploads/theme/css_built_87/258adbb6e4f3e83cd3b355f84e3fa002_custom.css?v=d238e0516d1620751828
Origin: https://gagadaily.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576077
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44016
last-modified: Sat, 26 Dec 2020 18:53:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8aJZAWIai86ITfwBNB8sSwo1C69uTN%2FEyDKmZOfHd2lbHBa7u9rC0oXAnoQPtdEUSbpJmbmhhuJoYYTqje7IpxZV6En7uMorFuSHi7%2BuRQfKDlysMpQFAsx4KmOCBYpX5dTLdy1TnUdLkKM"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6b4b034a1ecb6961-FRA
expires: Sat, 27 Nov 2021 19:27:07 GMT

GET
H3 200 fontawesome-webfont.woff2
gagadaily.com/applications/core/interface/font/ 75 KB
76 KB 20ms
20ms Font
font/woff2 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/uploads/theme/css_built_87/341e4a57816af3ba440d891ca87450ff_framework.css?v=d238e0516d1620751828
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://gagadaily.com/uploads/theme/css_built_87/341e4a57816af3ba440d891ca87450ff_framework.css?v=d238e0516d1620751828
Origin: https://gagadaily.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 374078
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
last-modified: Thu, 14 Mar 2019 11:06:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=co%2BCzTxw%2Fs9j9bwCZayTYZGqkccKLX7uGvSXI2hJIWQ7SM8f%2FWiExaSZqFH48JCxV3ZOnxnunWgzyiBBhVBBN6OAZQDKcycQCo7gg4NgfpMi5GzBEC2rsBbK0M1Z9hWCWyBB5o2mfRnaWv7H"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6b4b034a1ecf6961-FRA
expires: Tue, 30 Nov 2021 03:33:46 GMT

GET
H3 200 GraphikRegularItalic.woff2
gagadaily.com/fonts/GraphikRegularItalic/ 46 KB
46 KB 32ms
32ms Font
font/woff2 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/fonts/GraphikRegularItalic/GraphikRegularItalic.woff2
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/uploads/theme/css_built_87/258adbb6e4f3e83cd3b355f84e3fa002_custom.css?v=d238e0516d1620751828
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40539755fa9d11d33bf58bff8d851a36916a8724af41a33662702d31cb94f56e

Request headers

Referer: https://gagadaily.com/uploads/theme/css_built_87/258adbb6e4f3e83cd3b355f84e3fa002_custom.css?v=d238e0516d1620751828
Origin: https://gagadaily.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46672
last-modified: Sat, 26 Dec 2020 18:53:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhVFO%2Fpve6gLdBFdL%2BBHZoDthhlN3Li8s39CQ6puYnrYaiMVzLBcthXcYLuEnQ496UqgABbb2a7Om9nU%2BiYCyDjFi%2FlVtFLvDGVpdfb8F9sAp7NSMbQ78X2atwMBWPgcTZKUu1IEqJMSjbGl"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6b4b034a2ef66961-FRA
expires: Wed, 01 Dec 2021 16:00:00 GMT

GET
H3 200 GraphikLight.woff2
gagadaily.com/fonts/GraphikLight/ 44 KB
45 KB 17ms
16ms Font
font/woff2 2606:4700:3035::ac43:cf0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gagadaily.com/fonts/GraphikLight/GraphikLight.woff2
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/uploads/theme/css_built_87/258adbb6e4f3e83cd3b355f84e3fa002_custom.css?v=d238e0516d1620751828
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:cf0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ea9eb3fcf137c01e4c557d24e4c737d17c947b157c561a2a464184e9f1b5b6

Request headers

Referer: https://gagadaily.com/uploads/theme/css_built_87/258adbb6e4f3e83cd3b355f84e3fa002_custom.css?v=d238e0516d1620751828
Origin: https://gagadaily.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 322898
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45484
last-modified: Sat, 26 Dec 2020 18:53:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0bzMAEhr6wpfaJi7Fw%2FJrD%2BB0%2BY%2BKus384pm1LDoeZuBb4DScnwKlwB1Tz4mJJ%2Fk3Q78T9f11dgLs8015qtg9hX2upUP5hMo7PoxOWIsz2RXDFa4e1CG3FSWCtXIwg1ISl%2BcNkl6Kewt9BY"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6b4b034a5f936961-FRA
expires: Tue, 30 Nov 2021 17:46:46 GMT

GET
H2 200 v1 Show response
services.districtm.net/gdpr/ 20 B
225 B 51ms
24ms XHR
application/json 2606:4700::6811:9342
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.districtm.net/gdpr/v1
Requested by: Host: st.districtm.ca
URL: https://st.districtm.ca/supertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9342 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a902747da13598316cc40688a307315d550a918aa03428a214484433cee9b2eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
cf-ray: 6b4b034aab9e175e-FRA
content-length: 20

GET
H2 200 init.js Show response
cdn.feature.fm/widgets/ 115 KB
25 KB 43ms
9ms Script
application/javascript 143.204.98.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.feature.fm/widgets/init.js

Requested by

Host: gagadaily.com
URL: https://gagadaily.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-64.fra50.r.cloudfront.net

Software

openresty/1.15.8.1 / Express

Resource Hash

94d3a0d86a76fd96c3aa1c808f6ba19e1199a86e4ffdcfbbb01a40ea3d2dd46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:14:25 GMT
content-encoding: gzip
age: 15239
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 06 Apr 2020 12:40:12 GMT
server: openresty/1.15.8.1
etag: W/"1ca20-1714f8163e0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Ty8OU-_iC2fRJTMGw_aX2i_Cmw8oxsiVzTHdMo1GCmWNWtj81elOlg==

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 270 KB
97 KB 50ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0534452931345127&plah=gagadaily.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0534452931345127

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ee8c030108f2306df76bad97f09b8e44caad804b25e9aa5bbbf5b8213036da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99573
x-xss-protection: 0
server: cafe
etag: 2602612162929873584
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 11:28:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 56D8 11 KB
5 KB 29ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0534452931345127

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 27 Nov 2021 09:43:00 GMT
expires: Sat, 11 Dec 2021 09:43:00 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 6324
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10041953-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1637
date: Sat, 27 Nov 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 27 Nov 2021 13:01:07 GMT

POST
H2 200 / Show response
r.skimresources.com/api/ 150 B
336 B 37ms
15ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/107945X1565374.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

6e8845047f0beb53819fe09a51ee5e4b716d0f17d08aeed6644576ab0ebb6fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gagadaily.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://gagadaily.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 71A7 0
102 B 38ms
15ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.04953592368919346
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 45ms
15ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=10.275449309398075
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 45ms
15ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=10.275449309398075
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 slot Show response
g2.gumgum.com/ 241 B
824 B 111ms
41ms XHR
application/json 34.249.15.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/slot?pu=https%3A%2F%2Fgagadaily.com%2F&ogu=https%3A%2F%2Fgagadaily.com&r=3.85.12&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A4%2C%22ren%22%3A4%2C%22fc%22%3A0%2C%22ctx%22%3A%5B0%5D%2C%22jsv%22%3A%223.85.12%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9523&bf=614d3dd9c296405d0746fdcaf6e253af4c86a77a&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1638012504871&to=0&vpii=false&vph=1200&vpw=1600&ru=&si=37090&jpl=1
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/slot.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.15.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-15-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aef558f43e1370c38f7a540c9cc7100a8d2f5f83b5c4ef5cb82ad8b24ac741a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: gzip
server: nginx
etag: W/"00837669c1d7365d6ca4a6b90fa079efe"
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://gagadaily.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8

GET
H2 200 slot Show response
g2.gumgum.com/ 241 B
825 B 110ms
40ms XHR
application/json 34.249.15.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/slot?pu=https%3A%2F%2Fgagadaily.com%2F&ogu=https%3A%2F%2Fgagadaily.com&r=3.85.12&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A4%2C%22ren%22%3A4%2C%22fc%22%3A0%2C%22ctx%22%3A%5B0%5D%2C%22jsv%22%3A%223.85.12%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9523&bf=614d3dd9c296405d0746fdcaf6e253af4c86a77a&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1638012504873&to=0&vpii=false&vph=1200&vpw=1600&ru=&si=37090&jpl=1
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/slot.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.15.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-15-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aef558f43e1370c38f7a540c9cc7100a8d2f5f83b5c4ef5cb82ad8b24ac741a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 11:28:24 GMT
content-encoding: gzip
server: nginx
etag: W/"00837669c1d7365d6ca4a6b90fa079efe"
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://gagadaily.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 39E3 0
0 46ms
18ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: st.districtm.ca
URL: https://st.districtm.ca/supertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

date: Sat, 27 Nov 2021 11:28:24 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b4b034bbfabdfe3-FRA

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
646 B 67ms
12ms Script
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?callback=districtmHailMaryLibrairy.ssp.appnexus.handleAppNexusCallback&callback_uid=163801250471894700-236658&psa=0&code=dm-pl-236658&member=1908&memberId=1908&size=300x600&referrer=https%3A%2F%2Fgagadaily.com%2F

Requested by

Host: st.districtm.ca
URL: https://st.districtm.ca/supertag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 11:28:24 GMT
X-Proxy-Origin: 78.47.208.29; 78.47.208.29; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 03a07668-082b-4269-9669-c06fe2501c6e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 identify
api.feature.fm/consumer/ Frame 0
0 536ms
175ms Preflight 34.214.64.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.feature.fm/consumer/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.214.64.244 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-64-244.us-west-2.compute.amazonaws.com

Software

openresty/1.15.8.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://gagadaily.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: openresty/1.15.8.1
date: Sat, 27 Nov 2021 11:28:25 GMT
x-powered-by: Express
access-control-allow-origin: https://gagadaily.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 identify Show response
api.feature.fm/consumer/ 117 B
487 B 508ms
173ms XHR
application/json 34.214.64.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.feature.fm/consumer/identify

Requested by

Host: cdn.feature.fm
URL: https://cdn.feature.fm/widgets/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.214.64.244 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-64-244.us-west-2.compute.amazonaws.com

Software

openresty/1.15.8.1 / Express

Resource Hash

4444120864fc67247cf47d03ea070c459cb41dfccc66a0d956eebfa745c38156

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://gagadaily.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 27 Nov 2021 11:28:25 GMT
server: openresty/1.15.8.1
x-powered-by: Express
etag: W/"75-QObGpBjVJA1uVQuzzCQzlUqMcDQ"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gagadaily.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 117

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=168949691&t=pageview&_s=1&dl=https%3A%2F%2Fgagadaily.com%2F&ul=en-us&de=UTF-8&dt=Gaga%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1157829262&gjid=451543980&cid=1407970679.1638012505&tid=UA-10041953-1&_gid=71821848.1638012505&_r=1&gtm=2ouba1&z=201808482

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gagadaily.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 11:28:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gagadaily.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
636 B 66ms
16ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gagadaily.com&callback=_gfp_s_&client=ca-pub-0534452931345127

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0534452931345127&plah=gagadaily.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

35e050ce63b301bf44481987d04c8f73598989bca0680c1ee2271ab6d9067f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 37ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gagadaily.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 11:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gagadaily.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 11:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fgagadaily.com%2F&tn=DIV&id=GGD2020SOCIAL-stripe&cls=ipsResponsive_hidePhone%20ipsResponsive_hideTablet&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: gagadaily.com
URL: https://gagadaily.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 11:28:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A036 0
19 B 74ms
60ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&adk=1812271804&adf=3025194257&lmt=1638012475&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgagadaily.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504754&bpp=4&bdt=180&idt=284&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3695015884266&frm=20&pv=2&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=296

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 27 Nov 2021 11:28:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 11:28:25 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A0D1 69 KB
27 KB 697ms
696ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=280&slotname=2495326838&adk=2784051227&adf=530655446&pi=t.ma~as.2495326838&w=728&fwrn=4&fwrnh=100&lmt=1638012475&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504758&bpp=5&bdt=184&idt=325&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aTeRER9FrS&p=https%3A//gagadaily.com&dtd=330

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2642ff743b32736bdf50aa64e1db62b05fabc8b86641a1c03de17e4ba3659a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 27 Nov 2021 11:28:25 GMT
server: cafe
content-length: 27997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 11:28:25 GMT
cache-control: private

GET

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOUV6ZLaQjh55wMF8otZsPFNE0wZJKVRYLj064dA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOUV6ZLaQjh55wMF8otZsPFNE0wZJKVRYLj064dA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
https://id5-sync.com/cq/441/916/8/2.gif?puid=628a1bb9-6bae-45ef-97dd-9f595eef8323&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOUV6ZLaQjh55wMF8otZsPFNE0wZJKVRYLj064dA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
https://id5-sync.com/cq/441/124/7/3.gif?puid=628a1bb9-6bae-45ef-97dd-9f595eef8323&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/441/146/6/4.gif?puid=0903f1b7-b854-4546-a76d-b9084d8905a2&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELD9Sg6O70UA3nwuFgvPrcM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESELD9Sg6O70UA3nwuFgvPr...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8313753381490270782&opid=apx&ops=&utidl=tech:goo:CAESELD9Sg6O70UA3nwuFgvPrcM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A22821850788&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

0
0

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
338 B 19ms
18ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/107945X1565374.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gagadaily.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 11:28:25 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://gagadaily.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 048A 69 KB
27 KB 525ms
525ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=250&slotname=2975587628&adk=3073299649&adf=3336167786&pi=t.ma~as.2975587628&w=300&lmt=1638012475&psa=0&format=300x250&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504763&bpp=1&bdt=190&idt=336&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=490&ady=1246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jvxcmol8Rf&p=https%3A//gagadaily.com&dtd=339

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

befa04815f5c3b9b588aab86555f40dafc6e19514a8d8a279653b83d8618347d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 27 Nov 2021 11:28:25 GMT
server: cafe
content-length: 28002
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 11:28:25 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 46ms
14ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10041953-1&cid=1407970679.1638012505&jid=1157829262&gjid=451543980&_gid=71821848.1638012505&_u=YEBAAUAAAAAAAC~&z=2010610000

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gagadaily.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 27 Nov 2021 11:28:25 GMT
content-type: text/plain
access-control-allow-origin: https://gagadaily.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98A4 69 KB
27 KB 561ms
561ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d69693604fb10d56662675f2e49b00a0435c93d5b62550aac77e860b0ed9c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 27 Nov 2021 11:28:25 GMT
server: cafe
content-length: 27898
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 11:28:25 GMT
cache-control: private

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gagadaily.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 11:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gagadaily.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 11:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9977 436 B
235 B 204ms
204ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=280&slotname=6878940032&adk=2044434317&adf=2967367454&pi=t.ma~as.6878940032&w=1200&fwrn=4&fwrnh=100&lmt=1638012475&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=349&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250%2C300x600&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=2009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=VWNIjZfymO&p=https%3A//gagadaily.com&dtd=352

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b558196888076ac6af5cbba4ff2f9a8f2b08403dc56e457a1c100247fbad17e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 27 Nov 2021 11:28:25 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 11:28:25 GMT
cache-control: private

GET
H2 200 pixel.gif
c.gumgum.com/images/ Frame 53EB 43 B
450 B 37ms
7ms Image
image/gif 143.204.98.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.gumgum.com/images/pixel.gif
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-80.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56b97f9bcb141cc4e04ebe1320dd6dab5fac7166c6977f92783e5762d2688e10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: xNUue81cA9a8HrwOALQ1QDloetFZJEEw
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2017 03:14:19 GMT
server: AmazonS3
age: 81982
etag: "629ccc774aed95b2c6bec91151f7292d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=31536000
date: Fri, 26 Nov 2021 12:42:31 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 43
x-amz-cf-id: JIzUi7p2LO0ppGUyEIbi8l0uTLW_2Kdd2SKl-_0MoipfSVlKF4frkw==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6C73 70 KB
28 KB 331ms
331ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=1335365576&adf=1158750195&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504765&bpp=1&bdt=191&idt=355&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250%2C300x600%2C1200x280&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=650&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=T8aPbiUQRw&p=https%3A//gagadaily.com&dtd=357

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e67da357bb7889ea070a76336c2aff0ec54130d8ebee1099c9ac7c7d281292cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 27 Nov 2021 11:28:25 GMT
server: cafe
content-length: 28286
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 11:28:25 GMT
cache-control: private

GET
H2 200 pixel.gif
c.gumgum.com/images/ Frame 647A 43 B
451 B 30ms
7ms Image
image/gif 143.204.98.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.gumgum.com/images/pixel.gif
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/slot.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-80.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56b97f9bcb141cc4e04ebe1320dd6dab5fac7166c6977f92783e5762d2688e10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: xNUue81cA9a8HrwOALQ1QDloetFZJEEw
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2017 03:14:19 GMT
server: AmazonS3
age: 81982
etag: "629ccc774aed95b2c6bec91151f7292d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=31536000
date: Fri, 26 Nov 2021 12:42:31 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 43
x-amz-cf-id: I0f8-Owu9tdhiCRv3KkLwIcKa6qSpqV8S8o7GW9iyh_GF_WeZG49ew==

GET
H2 200 14080480519133016810
tpc.googlesyndication.com/simgad/ Frame 6C73 112 KB
113 KB 50ms
14ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14080480519133016810?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkVhGmwaS34vjqCWZN9Aec46EyfxA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=1335365576&adf=1158750195&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504765&bpp=1&bdt=191&idt=355&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250%2C300x600%2C1200x280&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=650&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=T8aPbiUQRw&p=https%3A//gagadaily.com&dtd=357

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f24abe6b74d629f3906b957e40f3857e145bfef9259411968057a0482b19b834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 20:12:11 GMT
x-content-type-options: nosniff
age: 141374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114957
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 21:24:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 25 Nov 2022 20:12:11 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 6C73 19 KB
8 KB 42ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:18:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 6C73 2 KB
1 KB 30ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:28:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C73 119 KB
37 KB 48ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 11:28:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 6C73 15 KB
6 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:21:12 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 6C73 27 KB
11 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 23:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11327
x-xss-protection: 0
server: cafe
etag: 10656063359522146397
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 23:18:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6C73 0
0 50ms
49ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cm6blWRaiYfL8CIqOtwe25aiwAubz_9ZmvaLgreoO2dkeEAEguIn5EGCVgoCAkAegAcLqps0DyAECqAMByAPJBKoExQFP0MwjtY0s0lBGYE8r4SKeaiEHvdnH-n_MUP8vmoF60gxy31CO_Fv2JwKgGnMyTOX8Ztxz_D5I6FMHE5NDpEF2cDsbGYRQ12Q16LpSGp5xT7UMx5r6TOjCchOkUQQaIzLkfcNYNxDN5kiyNwXFCYRcOD5Mz--_n1A7qjUegvTpRn4CWKeLQUo904Up4WWbelaVL0UpJN40aBY9xfv9RMzdPjzwI6aRJw2PQZrkHTR2mfzrJZF0LEWjOM6ABsVaP46UaXdgZ8AE6vqZ2uoDkgUECAQYAZIFBAgFGASgBgKAB6aV2TKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCqngXSCAkIgOGAEBABGF-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMDUzNDQ1MjkzMTM0NTEyNxgA&sigh=qjfRMGBqkB8&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=1335365576&adf=1158750195&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504765&bpp=1&bdt=191&idt=355&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250%2C300x600%2C1200x280&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=650&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=T8aPbiUQRw&p=https%3A//gagadaily.com&dtd=357
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Nov 2021 11:28:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Nov 2021 11:28:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B3F 143 B
163 B 10ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=1335365576&adf=1158750195&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504765&bpp=1&bdt=191&idt=355&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250%2C300x600%2C1200x280&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=650&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=T8aPbiUQRw&p=https%3A//gagadaily.com&dtd=357

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 27 Nov 2021 10:58:25 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6C73 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc8e0f64f6d214144d3c61bbb3e6ec6b1526f228cdc05cee547fb8c1cc6988d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4485662014614558155
tpc.googlesyndication.com/simgad/ Frame 048A 20 KB
20 KB 23ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4485662014614558155?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlC5GDE2lkZv-5N2Nl9pkhrb88HxA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=250&slotname=2975587628&adk=3073299649&adf=3336167786&pi=t.ma~as.2975587628&w=300&lmt=1638012475&psa=0&format=300x250&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504763&bpp=1&bdt=190&idt=336&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=490&ady=1246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jvxcmol8Rf&p=https%3A//gagadaily.com&dtd=339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a207cd88cad3d05ddbf6a59f70fd73da7b527b8afeb99b4a51e98353a8fd95f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:13:00 GMT
x-content-type-options: nosniff
age: 281725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20146
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 16:31:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 05:13:00 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 048A 19 KB
8 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:18:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 048A 2 KB
1 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:23:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 048A 119 KB
36 KB 46ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 11:28:25 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 048A 15 KB
6 KB 16ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:21:12 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 048A 27 KB
11 KB 21ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 23:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11327
x-xss-protection: 0
server: cafe
etag: 10656063359522146397
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 23:18:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 048A 0
0 46ms
46ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHI8hWRaiYd6OCIbIb6fQj-ALwfe64WaG9c255Q7-zcnQ9w8QASC4ifkQYJWCgICQB6AB9qKcmALIAQKoAwHIA8kEqgTIAU_Qfz5mJR7M18k2-mNnZGhKc0X70gOwP5dkRewEYHigboZ5Ke1m890UXYkTbvUretO409cQcE5q3vg2CfdD2jzPsvNElp8coZLJ2YV5Z_pW7bhrGdOug4HXr7c-38Xh-cF7X0vAscYt8MSV3UhoJxPkjPvbbhFBXXli909wVW8C5j9fEskdbyqb1XK4MC_kg7StVncuRXVjl1AxZHetBdK0XkxEljpfVvD9lKEdsbQc6uwQrDL7npuea77zp5lKqtYmP6HcZP4-wASQvfj_9QOSBQQIBBgBkgUECAUYBKAGAoAHouG3PqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPXJF9IICQiA4YAQEAEYX4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wNTM0NDUyOTMxMzQ1MTI3GAA&sigh=4hQFsLCxoXU&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=250&slotname=2975587628&adk=3073299649&adf=3336167786&pi=t.ma~as.2975587628&w=300&lmt=1638012475&psa=0&format=300x250&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504763&bpp=1&bdt=190&idt=336&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=490&ady=1246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jvxcmol8Rf&p=https%3A//gagadaily.com&dtd=339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Nov 2021 11:28:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B3F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
54ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 27 Nov 2021 11:28:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 11:28:25 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 27 Nov 2021 11:28:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C11 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 14:41:34 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame CE72 77 KB
26 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: st.districtm.ca
URL: https://st.districtm.ca/supertag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ad60741758d0baa31641657553b220cf508e4703aff332f0fa69e00a1acdd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1056 / 9 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26855
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 11:28:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF8B 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=250&slotname=2975587628&adk=3073299649&adf=3336167786&pi=t.ma~as.2975587628&w=300&lmt=1638012475&psa=0&format=300x250&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504763&bpp=1&bdt=190&idt=336&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=490&ady=1246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jvxcmol8Rf&p=https%3A//gagadaily.com&dtd=339

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 27 Nov 2021 10:58:25 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 7873143116072699061
tpc.googlesyndication.com/daca_images/simgad/ Frame 98A4 44 KB
44 KB 8ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7873143116072699061

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de9cba88f70a79743b35f7210232379cc90160472124195f6d3dfdb76cd3d5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 00:28:03 GMT
x-content-type-options: nosniff
age: 298822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44794
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 12:26:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 00:28:03 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 98A4 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:18:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 98A4 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:23:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98A4 119 KB
36 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 11:28:25 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 98A4 15 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:21:12 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 98A4 27 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 23:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11327
x-xss-protection: 0
server: cafe
etag: 10656063359522146397
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 23:18:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 98A4 0
0 47ms
47ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cr5daWRaiYbfOCNHMbZDAgPALp4SjvmbNo-eM_A7Z2R4QASC4ifkQYJWCgICQB6ABmf3mnijIAQKpAqZFK9CNbYQ-qAMByAPJBKoE0wFP0E3lUAe85JLnedGUmMash03dRbeVbVkhgVuPv-HlVhJPH-Xg8zJQryHCGdAKq5R93dybg_1WmAfKS-i8iojS6rQiB7D8dCggEo6HDLmihyBYrfsM35xY6fnyzvI6FW88a6J3Aa_4ihtYLcalzQQQwkjf_W4srwg13JU0Tmbfbrp-8QZ6ixIH1wiUKL3NYMsU8mIngrXebFUeKZn6GPF7NhgB3cdz6zSmYLWqDEeNkDEJ34qah-CLTQvDUHb5cAH7Xob4hBCHG6NPbzIllYwmCUeBwASM8NqygwSgBgKAB5m1t_4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQorMT0ggJCIDhgBAQARhfgAoByAsB2BMD0BUBgBcBshccChoIABIUcHViLTA1MzQ0NTI5MzEzNDUxMjcYAA&sigh=ErEQvyoHwm4&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Nov 2021 11:28:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 048A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cb00912f602a0063b26557250cf31a88fde20b02869103e03bfad4a2d2e7665

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D8BF 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 27 Nov 2021 10:58:25 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame CE72 344 KB
116 KB 42ms
21ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 11:28:25 GMT

GET
DATA 200
OK truncated
/ Frame 98A4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96f09183b54ab59a6075722852fb219e9cf7b68158c1940da5310dcbe22ce58c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 16826216716586592654
tpc.googlesyndication.com/simgad/ Frame A0D1 24 KB
24 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16826216716586592654?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkdFxtSYw6xUnZOx1by8PddVJyjEg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=280&slotname=2495326838&adk=2784051227&adf=530655446&pi=t.ma~as.2495326838&w=728&fwrn=4&fwrnh=100&lmt=1638012475&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504758&bpp=5&bdt=184&idt=325&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aTeRER9FrS&p=https%3A//gagadaily.com&dtd=330

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12daee640d223939bd9983bda8b380ba2ba67373c9bd2dd1614980cbbc41132e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:01:59 GMT
x-content-type-options: nosniff
age: 282386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24560
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 16:31:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 05:01:59 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame A0D1 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:18:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame A0D1 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:23:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A0D1 119 KB
36 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 11:28:25 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame A0D1 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:21:12 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame A0D1 27 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 23:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11327
x-xss-protection: 0
server: cafe
etag: 10656063359522146397
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 23:18:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A0D1 0
0 47ms
46ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0ioJWRaiYYmlB5Sob9mwnMAHwfe64WbO9s255Q7-zcnQ9w8QASC4ifkQYJWCgICQB6AB9qKcmALIAQKoAwHIA8kEqgTCAU_QccoFSKv1uuSVgUo6NyDI0wxTRw6amoIV4WJh4coYH6BASRrf-WNiNGUjwyuEQkCvMp20I8VNeUpWyElxZ4_ux0jRm7WEux4HpO7o5z0Wqes536Mm_D2sfLMRhBLzhF6kj5Mgd6gzYr4YoCSvoT_-D2U19nFocy4ddYbZC2dt7NR4gIorjNhhTG7sLaV2uaCJS6tzCW6i4esRGVZL3-n4qhbnuDnHMrRAvdLEyJGgkGtmE8MTAu4fDRpKlT8mLNthwASQvfj_9QOSBQQIBBgBkgUECAUYBKAGAoAHouG3PqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENb4F9IICQiA4YAQEAEYX4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wNTM0NDUyOTMxMzQ1MTI3GAA&sigh=LsxtaLD_SYE&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=280&slotname=2495326838&adk=2784051227&adf=530655446&pi=t.ma~as.2495326838&w=728&fwrn=4&fwrnh=100&lmt=1638012475&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504758&bpp=5&bdt=184&idt=325&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aTeRER9FrS&p=https%3A//gagadaily.com&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Nov 2021 11:28:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF8B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

56ms
55ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 27 Nov 2021 11:28:26 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 11:28:26 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 27 Nov 2021 11:28:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 251E 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=280&slotname=2495326838&adk=2784051227&adf=530655446&pi=t.ma~as.2495326838&w=728&fwrn=4&fwrnh=100&lmt=1638012475&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504758&bpp=5&bdt=184&idt=325&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aTeRER9FrS&p=https%3A//gagadaily.com&dtd=330

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 27 Nov 2021 10:58:25 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6331 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 14:41:34 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D8BF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

24ms
23ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 27 Nov 2021 11:28:26 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 11:28:26 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 27 Nov 2021 11:28:26 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame FFAE 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0534452931345127&output=html&h=600&slotname=5630641233&adk=2472484502&adf=2405336138&pi=t.ma~as.5630641233&w=300&lmt=1638012475&psa=0&format=300x600&url=https%3A%2F%2Fgagadaily.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638012504764&bpp=1&bdt=190&idt=341&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x250&nras=1&correlator=3695015884266&frm=20&pv=1&ga_vid=1407970679.1638012505&ga_sid=1638012505&ga_hid=168949691&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1155&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C31061690&oid=2&pvsid=1748110458736248&pem=29&tmod=858881940&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=4HHhHb8pZX&p=https%3A//gagadaily.com&dtd=344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 14:41:34 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame CE72 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gagadaily.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 11:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame CE72 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gagadaily.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 11:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CE72 76 KB
22 KB 330ms
316ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4166182199582379&correlator=1369847693853785&output=ldjh&impl=fif&eid=31060545%2C31062323%2C21065725&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211127&iu_parts=191956889%2Cst-en-t0-z501&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=dm_tiebreaker%3D0%26dm_zone%3D501%26dm_protocol%3Dhttps%26dm_domain%3Dgagadaily.com%26dm_product%3Dsupertag%26dm_tagid%3D236658%26dm_cpm%3D0.00%26dm_size%3D300x600%26dm_adslot%3D163801250471894700-236658%26dmw_ssp%3Dno_bid&eri=2&cookie=ID%3Dee972a2ec45bc6e5-22ae876c09cc0029%3AT%3D1638012505%3ART%3D1638012505%3AS%3DALNI_Mbt5YR_KV2MTUhRIBy15itWAQlL-Q&cdm=gagadaily.com&bc=31&abxe=1&lmt=1638012505&dt=1638012505940&dlt=1638012505706&idt=217&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=2&adxs=1155&adys=1652&adks=4181749440&ucis=l8fp2z4yxm8h&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fgagadaily.com%2F&top=https%3A%2F%2Fgagadaily.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x0&ga_vid=1407970679.1638012505&ga_sid=1638012506&ga_hid=389805534&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

bf316c0e6184d922ee8ca78ccc051eb27ea94602d628e37496f98fbc776acba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22346
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gagadaily.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF19 6 KB
4 KB 66ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 11:28:26 GMT
expires: Sun, 27 Nov 2022 11:28:26 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A0D1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcf806595067553a684ffd5fe62bbf2b49f087f15d67c67b1081f46c77efc6a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 graphql Show response
graph.feature.fm/ 19 KB
3 KB 1200ms
859ms XHR
application/json 44.225.6.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.feature.fm/graphql

Requested by

Host: cdn.feature.fm
URL: https://cdn.feature.fm/widgets/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

44.225.6.40 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-6-40.us-west-2.compute.amazonaws.com

Software

openresty/1.15.8.1 / Express

Resource Hash

5af8c14620e9a056239e9017727f563fe4f2bc167d90ed8fb5e84c5b5fb01852

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json; charset=utf-8
Referer: https://gagadaily.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 27 Nov 2021 11:28:27 GMT
content-encoding: gzip
server: openresty/1.15.8.1
x-powered-by: Express
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gagadaily.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H2 204 graphql
graph.feature.fm/ Frame 0
0 525ms
168ms Preflight 44.225.6.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.feature.fm/graphql

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

44.225.6.40 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-6-40.us-west-2.compute.amazonaws.com

Software

openresty/1.15.8.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://gagadaily.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: openresty/1.15.8.1
date: Sat, 27 Nov 2021 11:28:26 GMT
x-powered-by: Express
access-control-allow-origin: https://gagadaily.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 251E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

57ms
56ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 27 Nov 2021 11:28:26 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 11:28:26 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 27 Nov 2021 11:28:26 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame FF2D 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 14:41:34 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CE72 12 KB
9 KB 41ms
24ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc0a09090bab467725dcf73d3bbe4a7b761d9b9dec95cdb9d8ec33a65a5f6f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 11:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9205
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CE72 17 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 27 Nov 2021 11:28:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame AEF8 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 27 Nov 2021 11:04:51 GMT
expires: Sun, 27 Nov 2022 11:04:51 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8980 783 B
533 B 18ms
18ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6576a91a1bc8b78ffcceafb6ce77bd67f11f0751cddd1045e494fb5d74cec320

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fV8VKVrWpr2bqcrrxakS0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 27 Nov 2021 11:28:26 GMT
date: Sat, 27 Nov 2021 11:28:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-fV8VKVrWpr2bqcrrxakS0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame AEF8 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 14:41:34 GMT

GET
H3 200 container.html Show response
86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E011 6 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 11:28:26 GMT
expires: Sun, 27 Nov 2022 11:28:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8980 0
0 42ms
42ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=4166182199582379&rc=
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame E011 2 KB
532 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
URL: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 09:45:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Nov 2021 11:28:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Nov 2021 11:28:26 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E011 1 KB
884 B 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
URL: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:16:32 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E011 0
0 48ms
48ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-V8QWRaiYa2-PPeKjuwP2u6jwATF46TiZuDbsOTICY3omqDNCxABINGH0iBglcKKgpgHoAHor-yIA8gBCakCPVGexJX9sj7gAgCoAwHIA5sEqgTdAU_QL8Ivf9P_UBoF-jHqXptZ7QMfWi7c-63yZQXLB6tYkaxjK-b_vrrC4cXSHKRH8lS9ggNBuPm3Z5N4JF7cHQUX4XOC1zhV_7SJWWQvmwiqD7cqfDXFK1NgriebG8lUYYzEpvbgjWjW-8jPSlSUjt04zkYhhw9bFZxr_fZGDeHSddbeHx-xdckadkMoxymEO5qnxvF_BKcAMIxssIpwqH5c5OFNzW_GOsNzYawEhB9uuKBwBRLhtvYHUSrXxdGNu3v5SuvDQe1D2T5AhBcX7uURhesbD5fOXJfJN7OOwAS8-ajcgwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHgNCTd6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBCu3wHSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTE2MTI0MDAwNDMzMTIzMzWACgPICwHYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItOTY4NTczNDQ0NTQ3NjgxNBjR9xg&sigh=uQxzEvm7iNU&uach_m=[UACH]&template_id=494
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame E011 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
URL: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:18:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E011 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
URL: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:23:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E011 119 KB
36 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
URL: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 11:28:26 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E011 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
URL: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 11:21:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E011 0
0 14ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjlrS3M7PSq1zmygxiRsFVj117fSv0zkft65DTnsG-i5padgqXM3x4ufbLmn4JpjQexrb3
Requested by: Host: 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
URL: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame E011 27 KB
12 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
URL: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 18:26:15 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E011 16 KB
16 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQk1B_P-HYMpRptzClcxcJzD21BswejT2fF1MrbS4FlHvxZKaXODOl1hR0WHA&usqp=CAI

Requested by

Host: 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
URL: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34c79fb9f4a2689d4d74404dea0ff021b0894efe5e5d0c148bf6f1ed794adc44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:21:55 GMT
x-content-type-options: nosniff
age: 234391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16175
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 08:20:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 18:21:55 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E011 26 KB
27 KB 43ms
7ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRZQMTvpijloHiHF9Cnm80q7eF2bh1dLzT8uHrNssU1UdvG8EA&usqp=CAI

Requested by

Host: 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
URL: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4cbb70b8576b75b11d1f19429d39f03d9ea9f1796f7b2a357c4e34dfa1c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:45:11 GMT
x-content-type-options: nosniff
age: 286995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26683
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 07:27:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 03:45:11 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E011 36 KB
36 KB 48ms
13ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQtegV2CZ11fC4n8wxeR_hPzquWPhIq7lT-ToyAFFD1HvlTddE&usqp=CAI

Requested by

Host: 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
URL: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d638e44d5d994274669a660791e7a815487967213100b200205a2b55e000f6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:26:29 GMT
x-content-type-options: nosniff
age: 396117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36512
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 06:59:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 22 Nov 2022 21:26:29 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E011 7 KB
7 KB 54ms
7ms Image
image/png 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT0FeV1VtFud1eet9cNrUGROtFFx1f64wT0uwkHl4gxUirxhJA&usqp=CAI

Requested by

Host: 86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
URL: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5ac72556ce8b66d98fd8bba8465b9e236a65046592f90b42f5b3f0bc8c07938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:00:13 GMT
x-content-type-options: nosniff
age: 242893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6844
x-xss-protection: 0
last-modified: Fri, 30 Aug 2019 10:06:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 16:00:13 GMT

GET
DATA 200
OK truncated
/ Frame E011 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47105bbd58ee7705ca92d835272c80c8ad7be616fc11993c8addd7fa195eda30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame E011 20 KB
21 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:49:59 GMT
x-content-type-options: nosniff
age: 265107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 09:49:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 20ms
19ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66eebfbed68b85035bd985685dfad3d45e93014675f54b79c2bfd7a6ed12938a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 11:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9359
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 27 Nov 2021 11:28:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4BC9 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 27 Nov 2021 11:04:51 GMT
expires: Sun, 27 Nov 2022 11:04:51 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F455 783 B
535 B 16ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

781cfea83e2fd73d8613d9b626bd6a535af51a5a01d68e65dd16fd092028653e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b0HdxvFzDCy6lhZW1N/aCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 27 Nov 2021 11:28:26 GMT
date: Sat, 27 Nov 2021 11:28:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-b0HdxvFzDCy6lhZW1N/aCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE72 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=4166182199582379&bg=!IiGlIWXNAAZQLpa_UC47ACkAdvg8WrJ5LBCfXAz3XAFbjUhH0cxcPYN6Uuq8YrG66IRko2opGBcRNwIAAAC4UgAAACJoAQcKAHgW6NDI6qvjsXHXy1yREDAWbu29r8rGwn5fiW95P2OYqazKx5dYuk42hQr41ictq-lOu5UAeCJUJ8_fvzO9rn1am8iBl0uCyaJ8vYjmH7M8oSfKtOLOL8Mk63CW67q8kut2vFtUoQDR54EeZWxSl_pTotDmci21rfeZAoU5y3tQ6wyoNtxERGTnJ3iwhq6sOQAmQy1xFp_tFRuebCn5Y61IkZsAy7Y_Sn9K0iFKGxNbkLUgJOCMOKjO_4O73Jaca__zxejd_oANTWj4OpidrwnSk1juoROVRfx2FFeJvfhgWcdCDVzutoBSiBbk4nilka7JhP1p7s41m9qD9Sje0dboO_dGxvaFKGzq1539ITZ0T2-uKpJg6zRUtz44IO6oQFJBlYdow0bDSOZvtYhdLs1Ic6PkjR_gyHv1IdSD2V66TM3QrFspbU4ge4DORc1V9CRXD9h2ZL7V73bmjMzZHcseWlEILp1fkVejlRKGlwPYRPCRxYyRmfw6UMMrkmtxJfOo5dlwyZSK2_UQAuqPc772BrE7Jy7zyuoB-sRPhCUevNj0urtKXSqhDyouY0FLEXmFh1JgEjBxLplYIOOt4nc8QaNTBJ3l8Ei5zcuk-Wh-NsG3tHwl24JT33LTlqBJfAJMaFeWnrckoswoV7qzXaVDRek30HpNSAmV5AAhJ_MUj34dCmifMyWZz4Fb_68kGGnVm80HIJsw4mn8HX_Lw9mbcvsJGwmJzZ2tVJd-5HR6KUZGNeawB8eBsvTcftaIvbKPQJyAelNYQ_cJ8fIuB_gjr9HNgmEoZU2wqciQSAnGsDbl3vLSdcAQbQ4Y_dPqRrQ3pGEPJ5qrEtLUHfnpBj1yE2OAaxMOJZEIP1AgehpWagxOWJPFiITnmwZRP7v7fZnO7OBDsAI9eVdT5ykt4bbi4IKNMcbJF3cJnAv5IWEzsiXjvf_m-nwULMM1tPSbjpTkDcZGhvSzdNH3H4o1DyoLXWJABEkA_UfywkANXyxlJth13La_Bg83OABH0zsq0QU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 11:28:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F455 0
0 56ms
56ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=1748110458736248&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BC9 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 14:41:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=1748110458736248&bg=!BgWlBUHNAAZQLpa_UC47ACkAdvg8Woy06cDbWn_71LakuWYMjTnU2sI_BQwuPDkWKb8_k_5lZ8nNNwIAAACvUgAAACFoAQcKADCTGPEi4MQJMDjUfrK0KG8QwQiJQ8jZfdXtsyKITEgYSwGngA3SjbSu3mkreEO6a0qZAnvrYMlVlid6dNASi1EzVkCSdvtPHQpPyujrywMvAzZu2GDnCXhYkI2PxYIN84acE52hZtquakyqwMahPjlGPFEKauPCxCJ7S7u6jQlC8pvSVCTDdSnLaOviKhy0NqpwVPnILVIQ0qX1US-zV_5lMpmDOy5OhYN3Mq_-ltSl9y1aKthjTZF1exyWK1PbIzUPiwO1Fq_-ZnhnN1D7oK-yvCSX0tctInQt41HzUwf-6z8ayXMK4U5OZFSPgVD8FT5dN64dwrEUHlewWXMi0_9ebl_TYgJm0hk9d_UCMVYKQ6gpOCNeYXI9YCkG5NWwU-puDVbT9v4FKBSovcZC_hVE54jMd0rd-ydNOXAwb8BCo1tsh1PptoHrO6tt9y3moBe7XOgJk3d_tvj5poMp0oMDDLsPqejWVx6kdeLp1Figr4cBuMyqzL8z1rchRXTKfNqAHjqIu4Xf6gQu9QsL70x-RpOyO9fQBX2Q-Hr0Nh53dkj-6FV10Hs2G5x8_1iRkxf9gX0_qAiMz_5vlsBfwtZt39Q90Qm7B-55bMvaq4wclIr4AmEZJGdmiHGquBzXzkqoOj4hddGRngx1K3c1qMBDf12e8QCn5KWeA3sVbKuW_pBUzdSaCdizpzq3ACWkFbMswzYALYhkNmf-OC8yBmZmSYt_16998epXyWhyL4K3hXt6DrF9qyLW-ytEYudbLVCfDxVGdVPkm9cMSoXMkq03S88C_Z6rdyqIoxDvnd84gmGjN2OkRCf29OwxVk4VZ3qVp156vlID0Vgh8pI7wRAXSAbTY4E6NalzZjQr5tFDEA5hPI4eYkqtB_dboyJ4M1RcmIaJSLUEFOjEnIoqug

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 11:28:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A0D1 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9qCZ0HmDxFyMtm_pqNVdzwF3hRA6tq1Z9NPc3L1Ubv51UuRDi2J8EIe7yi02mafiiRa-TCI3JXTOxvaefIAsiwtqZ_CkNfx3eEEZV0Nj726BExCBjPA&sai=AMfl-YSsCmK5pYjpm8NU_87Tl3pGp3WiXUgRQnOnKLjWJYIavH5JA-6F27We-3_x6sNDRiCEYNaep3Q2f6ld&sig=Cg0ArKJSzFYND6IS3F39EAE&id=lidar2&mcvt=1033&p=0,0,188,728&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2784051227&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638012505090&rpt=931&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 11:28:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/MptYvWM-LfA/ 39 KB
39 KB 36ms
14ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/MptYvWM-LfA/sddefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fa373462aec1d648ea3b9aa075b01f9e4e7bcf27b6d6b0f3912b6b4a610a550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:01:55 GMT
x-content-type-options: nosniff
age: 1592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39900
x-xss-protection: 0
server: sffe
etag: "1627364324"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 27 Nov 2021 13:01:55 GMT

GET
H2 200 play_button_white.png
cdn.feature.fm/images/ 3 KB
4 KB 12ms
12ms Image
image/png 143.204.98.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.feature.fm/images/play_button_white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-64.fra50.r.cloudfront.net

Software

openresty/1.15.8.1 / Express

Resource Hash

3fe3e963f3461ff5e7352d912ae9eb748e0f83d00873676d879ec5a57484c61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
etag: W/"d47-1714f65f470"
age: 16498
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 3399
last-modified: Mon, 06 Apr 2020 12:10:14 GMT
server: openresty/1.15.8.1
date: Sat, 27 Nov 2021 06:53:29 GMT
content-type: image/png
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: -JCBvRMVcBzA2pP1crG9dpzJDHXsLOYHEX5tLNTvn-VDrWinIaI9oQ==

GET
H2 200 artworks-QZqAXLWCImDXpKgU-73tfRg-t500x500.jpg
i1.sndcdn.com/ 42 KB
42 KB 62ms
10ms Image
image/jpeg 143.204.98.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-QZqAXLWCImDXpKgU-73tfRg-t500x500.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-59.fra50.r.cloudfront.net
Software: /
Resource Hash: 6dde1c14cc47c703d9d0e17890deec62caf43f1eee3aecb04bbf49d39534951b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 20:17:24 GMT
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
age: 1005063
access-control-allow-methods: GET
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
x-amz-cf-id: ixVhs4n4v9H0cx8uCQmlFb175Nz3DPVBJHOyOeDXDZ_mW5mxlkx0UA==

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/tdVElKUtwww/ 35 KB
36 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/tdVElKUtwww/sddefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30263f0f64bbd9aca06d57be29f25d98e3633c535537c03dda895b24fe179b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:13:30 GMT
x-content-type-options: nosniff
age: 897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36093
x-xss-protection: 0
server: sffe
etag: "1633102155"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 27 Nov 2021 13:13:30 GMT

GET
H2 200 artworks-C6BbsY4dHHosDwzY-eBn70Q-t500x500.jpg
i1.sndcdn.com/ 59 KB
60 KB 67ms
16ms Image
image/jpeg 143.204.98.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-C6BbsY4dHHosDwzY-eBn70Q-t500x500.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-59.fra50.r.cloudfront.net
Software: /
Resource Hash: 502e79d99ef3023d2cfe120601f1699232ee581e301dd210ddc8a7bf0fc50204

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:25:24 GMT
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
age: 439383
access-control-allow-methods: GET
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
x-amz-cf-id: Rn8cAExBVkNurATgoNfnUu3Pfeik5HjhYqRPJyaWvWSq-LqEVYcfKg==

GET
H2 200 feature_fm_no_text_logo.png
cdn.feature.fm/images/ 17 KB
18 KB 11ms
11ms Image
image/png 143.204.98.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.feature.fm/images/feature_fm_no_text_logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-64.fra50.r.cloudfront.net

Software

openresty/1.15.8.1 / Express

Resource Hash

52aa0ab8c7bb871b88c3dd37bc64e11f65242e9f59858b049c26b3fdbb916f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
etag: W/"451c-1714f65f470"
age: 26654
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 17692
last-modified: Mon, 06 Apr 2020 12:10:14 GMT
server: openresty/1.15.8.1
date: Sat, 27 Nov 2021 04:04:13 GMT
content-type: image/png
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: vwA3mG-3C3O7cLB7rcbfI17jhz66ZXT9MemV6H-9SbaB_027CW5KVQ==

GET
H2 204 a.gif
graph.feature.fm/track/ 0
175 B 172ms
171ms Image
text/plain 44.225.6.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://graph.feature.fm/track/a.gif?data=eyJ0aWQiOiI2MWEyMTY1YjYzMWIxMTc0NzllZmE3MjQiLCJjaWQiOiI2MTIwYjg2ZjNjMDAwMDE1ZDNlODc3MGMiLCJjdGEiOnsidHlwZSI6InNoYXJlcyIsIm5hbWUiOiJTaGFyZSBvbiBGYWNlYm9vayIsInVybCI6Imh0dHBzOi8vd3d3LmZhY2Vib29rLmNvbS9kaWFsb2cvc2hhcmU_YXBwX2lkPTYyMjY0ODA5NDU0MTgxOSZkaXNwbGF5PXBvcHVwJmhyZWY9aHR0cHMlM0ElMkYlMkZ3d3cuZmVhdHVyZS5mbSUyRnNoYXJlJTJGNjEyMGI4NmYzYzAwMDAxNWQzZTg3NzBjLjYxYTIxNjViNjMxYjExNzQ3OWVmYTcyNCZyZWRpcmVjdF91cmk9aHR0cHMlM0ElMkYlMkZ3d3cuZmVhdHVyZS5mbSUyRnNjcmlwdHMlMkZjbG9zZS13aW5kb3cuaHRtbCJ9LCJyaWQiOiJiM2QwZmM1OC05NzkzLTQyYjAtOGQ4NS01NTZmOWM4M2ZhZWMiLCJ2aWQiOiI5MGQ2N2U2NC1jYzI1LTQ3NDktOWE5Yi00ZThhM2FkMDYxNzkiLCJha2V5IjoiMDBiM2YxZTIwNDcyNDAxZGIwNGM1OTQyMjA5YWE2NjgiLCJwbGNtbnQiOiJkZWZhdWx0LXBsYWNlbWVudCIsImt3IjpbInBvcCIsImluZGllIHBvcCIsInBvcCByb2NrIiwicG9wIHB1bmsiLCJ0b3AgNDAiLCJnYWdhZGFpbHkuY29tIl0sImN0IjoiNmZiZWJlZjMtNzViMS00MDA1LTg2YjctYmM3Mzc4ZTNkODQ4IiwiaXAiOiI3OC40Ny4yMDguMjkiLCJwYWdlIjoiaHR0cHM6Ly9nYWdhZGFpbHkuY29tLyIsImV2ZW50X25hbWUiOiJpbXByZXNzaW9uIn0&ts=1638012507518&api_key=00b3f1e20472401db04c5942209aa668

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

44.225.6.40 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-6-40.us-west-2.compute.amazonaws.com

Software

openresty/1.15.8.1 / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:27 GMT
cache-control: max-age=64000
access-control-allow-credentials: true
server: openresty/1.15.8.1
vary: Origin
x-powered-by: Express
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 204 a.gif
graph.feature.fm/track/ 0
175 B 175ms
174ms Image
text/plain 44.225.6.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://graph.feature.fm/track/a.gif?data=eyJ0aWQiOiI2MWEyMTY1YjYzMWIxMTc0NzllZmE3MjMiLCJjaWQiOiI2MTkxZThkZDNhMDAwMDJiNjVjNGJjOTYiLCJjdGEiOnsidHlwZSI6ImN1c3RvbSIsIm5hbWUiOiJIZWFyIE15IEVQIiwidXJsIjoiaHR0cHM6Ly9mZm0udG8vbXlsb2ZpeG1hc3ZvbDEifSwicmlkIjoiYjNkMGZjNTgtOTc5My00MmIwLThkODUtNTU2ZjljODNmYWVjIiwidmlkIjoiOTBkNjdlNjQtY2MyNS00NzQ5LTlhOWItNGU4YTNhZDA2MTc5IiwiYWtleSI6IjAwYjNmMWUyMDQ3MjQwMWRiMDRjNTk0MjIwOWFhNjY4IiwicGxjbW50IjoiZGVmYXVsdC1wbGFjZW1lbnQiLCJrdyI6WyJwb3AiLCJpbmRpZSBwb3AiLCJwb3Agcm9jayIsInBvcCBwdW5rIiwidG9wIDQwIiwiZ2FnYWRhaWx5LmNvbSJdLCJjdCI6IjZmYmViZWYzLTc1YjEtNDAwNS04NmI3LWJjNzM3OGUzZDg0OCIsImlwIjoiNzguNDcuMjA4LjI5IiwicGFnZSI6Imh0dHBzOi8vZ2FnYWRhaWx5LmNvbS8iLCJldmVudF9uYW1lIjoiaW1wcmVzc2lvbiJ9&ts=1638012507729&api_key=00b3f1e20472401db04c5942209aa668

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

44.225.6.40 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-6-40.us-west-2.compute.amazonaws.com

Software

openresty/1.15.8.1 / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:27 GMT
cache-control: max-age=64000
access-control-allow-credentials: true
server: openresty/1.15.8.1
vary: Origin
x-powered-by: Express
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 204 a.gif
graph.feature.fm/track/ 0
175 B 176ms
175ms Image
text/plain 44.225.6.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://graph.feature.fm/track/a.gif?data=eyJ0aWQiOiI2MWEyMTY1YmVkMGU1ZTY0NDhjMTY4MzQiLCJjaWQiOiI2MTk4MjMxMjNiMDAwMGE5MDk0YzFmOGYiLCJjdGEiOnsidHlwZSI6InNoYXJlcyIsIm5hbWUiOiJTaGFyZSBvbiBGYWNlYm9vayIsInVybCI6Imh0dHBzOi8vd3d3LmZhY2Vib29rLmNvbS9kaWFsb2cvc2hhcmU_YXBwX2lkPTYyMjY0ODA5NDU0MTgxOSZkaXNwbGF5PXBvcHVwJmhyZWY9aHR0cHMlM0ElMkYlMkZ3d3cuZmVhdHVyZS5mbSUyRnNoYXJlJTJGNjE5ODIzMTIzYjAwMDBhOTA5NGMxZjhmLjYxYTIxNjViZWQwZTVlNjQ0OGMxNjgzNCZyZWRpcmVjdF91cmk9aHR0cHMlM0ElMkYlMkZ3d3cuZmVhdHVyZS5mbSUyRnNjcmlwdHMlMkZjbG9zZS13aW5kb3cuaHRtbCJ9LCJyaWQiOiJiM2QwZmM1OC05NzkzLTQyYjAtOGQ4NS01NTZmOWM4M2ZhZWMiLCJ2aWQiOiI5MGQ2N2U2NC1jYzI1LTQ3NDktOWE5Yi00ZThhM2FkMDYxNzkiLCJha2V5IjoiMDBiM2YxZTIwNDcyNDAxZGIwNGM1OTQyMjA5YWE2NjgiLCJwbGNtbnQiOiJkZWZhdWx0LXBsYWNlbWVudCIsImt3IjpbInBvcCIsImluZGllIHBvcCIsInBvcCByb2NrIiwicG9wIHB1bmsiLCJ0b3AgNDAiLCJnYWdhZGFpbHkuY29tIl0sImN0IjoiNmZiZWJlZjMtNzViMS00MDA1LTg2YjctYmM3Mzc4ZTNkODQ4IiwiaXAiOiI3OC40Ny4yMDguMjkiLCJwYWdlIjoiaHR0cHM6Ly9nYWdhZGFpbHkuY29tLyIsImV2ZW50X25hbWUiOiJpbXByZXNzaW9uIn0&ts=1638012507520&api_key=00b3f1e20472401db04c5942209aa668

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

44.225.6.40 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-6-40.us-west-2.compute.amazonaws.com

Software

openresty/1.15.8.1 / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:27 GMT
cache-control: max-age=64000
access-control-allow-credentials: true
server: openresty/1.15.8.1
vary: Origin
x-powered-by: Express
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 204 a.gif
graph.feature.fm/track/ 0
175 B 176ms
176ms Image
text/plain 44.225.6.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://graph.feature.fm/track/a.gif?data=eyJ0aWQiOiI2MWEyMTY1YjYzMWIxMTc0NzllZmE3MjUiLCJjaWQiOiI2MTk4NWVhZTNiMDAwMGZiYjI3NzA4N2YiLCJjdGEiOnsidHlwZSI6ImN1c3RvbSIsIm5hbWUiOiJEaXNjb3ZlciBNZSIsInVybCI6Imh0dHBzOi8vc291bmRjbG91ZC5jb20vYWxleGpvcmRhbmZubSJ9LCJyaWQiOiJiM2QwZmM1OC05NzkzLTQyYjAtOGQ4NS01NTZmOWM4M2ZhZWMiLCJ2aWQiOiI5MGQ2N2U2NC1jYzI1LTQ3NDktOWE5Yi00ZThhM2FkMDYxNzkiLCJha2V5IjoiMDBiM2YxZTIwNDcyNDAxZGIwNGM1OTQyMjA5YWE2NjgiLCJwbGNtbnQiOiJkZWZhdWx0LXBsYWNlbWVudCIsImt3IjpbInBvcCIsImluZGllIHBvcCIsInBvcCByb2NrIiwicG9wIHB1bmsiLCJ0b3AgNDAiLCJnYWdhZGFpbHkuY29tIl0sImN0IjoiNmZiZWJlZjMtNzViMS00MDA1LTg2YjctYmM3Mzc4ZTNkODQ4IiwiaXAiOiI3OC40Ny4yMDguMjkiLCJwYWdlIjoiaHR0cHM6Ly9nYWdhZGFpbHkuY29tLyIsImV2ZW50X25hbWUiOiJpbXByZXNzaW9uIn0&ts=1638012507728&api_key=00b3f1e20472401db04c5942209aa668

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

44.225.6.40 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-6-40.us-west-2.compute.amazonaws.com

Software

openresty/1.15.8.1 / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:27 GMT
cache-control: max-age=64000
access-control-allow-credentials: true
server: openresty/1.15.8.1
vary: Origin
x-powered-by: Express
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 services Show response
g2.gumgum.com/zones/44febe90/ 476 B
664 B 43ms
42ms XHR
application/json 34.249.15.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/zones/44febe90/services?dp=https%3A%2F%2Fgagadaily.com%2F&pu=https%3A%2F%2Fgagadaily.com%2F&ogu=https%3A%2F%2Fgagadaily.com&rf=&r=3.85.12&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.85.12%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9523&bf=614d3dd9c296405d0746fdcaf6e253af4c86a77a&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1638012508112&to=0&vpii=false&vph=1200&vpw=1600
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.15.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-15-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 900ac0f4e32d56f234b1cc8c152c2ce1b945017d1ae56c85f68960c7673ea63f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 11:28:28 GMT
content-encoding: gzip
server: nginx
etag: W/"07f414dea2e29d205f843bb04db3cbd70"
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://gagadaily.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8

GET
H2 200 inscreen Show response
g2.gumgum.com/ 294 B
548 B 36ms
36ms XHR
application/json 34.249.15.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/inscreen?pu=https%3A%2F%2Fgagadaily.com%2F&ogu=https%3A%2F%2Fgagadaily.com&rf=&pv=77a4fcda-3d9c-4b84-9ee4-9d89f4adf5aa&r=3.85.12&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.85.12%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9523&bf=614d3dd9c296405d0746fdcaf6e253af4c86a77a&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1638012511762&to=0&vpii=false&vph=1200&vpw=1600&t=44febe90&sqc=1
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.15.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-15-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3e030521c505a3916c1008644a92045bf3ce55028a8a9701cb4fd7f21bef38e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 11:28:31 GMT
content-encoding: gzip
server: nginx
etag: W/"0cd7519dc7508ff6050c1b8f3f5e38731"
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://gagadaily.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=1&c4=44febe90&c7=https%3A%2F%2Fgagadaily.com%2F&c8=Gaga%20Daily&c9=&cv=2.0&cj=1&ns__t=1638012511770
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=1&c4=44febe90&c7=https%3A%2F%2Fgagadaily.com%2F&c8=Gaga%20Daily&c9=&cv=2.0&cj=1&ns__t=1638012511770

64 B
329 B

14ms
14ms

Image
image/gif

143.204.98.86

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=1&c4=44febe90&c7=https%3A%2F%2Fgagadaily.com%2F&c8=Gaga%20Daily&c9=&cv=2.0&cj=1&ns__t=1638012511770
Protocol: H2
Server: 143.204.98.86 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:31 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: A9Q7lKasoRpA3PblMIYPppm6hPWiazcCj8dZzyb67flf0TOyquVjdg==

Redirect headers

date: Sat, 27 Nov 2021 11:28:31 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=1&c4=44febe90&c7=https%3A%2F%2Fgagadaily.com%2F&c8=Gaga%20Daily&c9=&cv=2.0&cj=1&ns__t=1638012511770
content-length: 177
x-amz-cf-id: aBaDbwksqp50GinucZnZgEhygEHEcwXeftbNjTPSy8ISeLOerWdfeg==

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 78D4 24 KB
10 KB 51ms
8ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: gagadaily.com
URL: https://gagadaily.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:28:31 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sat, 04 Dec 2021 11:28:31 GMT

GET
H2 200 rules-p-00TsOkvHvnsZU.js Show response
rules.quantcount.com/ Frame 78D4 3 B
429 B 49ms
7ms Script
application/javascript 2600:9000:2156:0:6:44e3:f8c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:6:44e3:f8c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:20:24 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
age: 61688
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:30:30 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: FCBElwn4LmNss602T1XnhpvalOaosuq-sMGYffYdFSBuYWUKpJZUug==

GET
H2 200 pixel;r=876495420;labels=Entertainment.44febe90.*_gagadaily_com;rf=0;a=p-00TsOkvHvnsZU;url=https%3A%2F%2Fgagadaily.com%2F;uht=2;fpan=1;fpa=P0-1189534692-1638012511931;pbc=;ns=1;ce=1;qjs=1;qv=92a367...
pixel.quantserve.com/ Frame 78D4 35 B
371 B 36ms
11ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=876495420;labels=Entertainment.44febe90.*_gagadaily_com;rf=0;a=p-00TsOkvHvnsZU;url=https%3A%2F%2Fgagadaily.com%2F;uht=2;fpan=1;fpa=P0-1189534692-1638012511931;pbc=;ns=1;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=gagadaily.com;je=0;sr=1600x1200x24;dst=0;et=1638012511931;tzo=0;ogl=

Requested by

Host: gagadaily.com
URL: https://gagadaily.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gagadaily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 11:28:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d2szg1g41jt3pq.cloudfront.net
URL: https://d2szg1g41jt3pq.cloudfront.net/

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gagadaily.com/	1969-12-31 23:59:59	Name: ips4_IPSSessionFront Value: 5fdcc468b5a4e0ccfaf69f68897d91c4
gagadaily.com/	1969-12-31 23:59:59	Name: ips4_guestTime Value: 1638012504
gagadaily.com/	1970-01-19 23:01:38	Name: dmxRegion Value: true
gagadaily.com/	1969-12-31 23:59:59	Name: ips4_ipsTimezone Value: Etc/Unknown
gagadaily.com/	1970-01-19 23:01:38	Name: ips4_hasJS Value: true
.gumgum.com/	1970-01-20 07:45:48	Name: cs Value: true
.gumgum.com/	1970-01-19 23:43:24	Name: loc Value: SfolTs1ZIlMnnZe2T75FNj7L0IwENh0toMiY_WUGaCMmvA0QjXoIBhD-kAFLVupwGyLppyr87AOiHI0AodqNmf_HB0O8wUWpj2qr3YXR1SUqa9jqS-Y2Xw
.gumgum.com/	1970-01-20 07:45:48	Name: vst Value: e_b82d0012-8ff2-4009-a7f8-46a3bbd29552
.gagadaily.com/	1970-01-20 16:31:24	Name: _ga Value: GA1.2.1407970679.1638012505
.gagadaily.com/	1970-01-19 23:01:38	Name: _gid Value: GA1.2.71821848.1638012505
.gagadaily.com/	1970-01-19 23:00:12	Name: _gat_gtag_UA_10041953_1 Value: 1
.id5-sync.com/	1970-01-19 23:00:12	Name: cf Value:
.id5-sync.com/	1970-01-19 23:00:12	Name: cip Value:
.id5-sync.com/	1970-01-19 23:00:12	Name: cnac Value:
.id5-sync.com/	1970-01-19 23:00:12	Name: car Value:
.id5-sync.com/	1970-01-19 23:00:12	Name: gdpr Value:
.id5-sync.com/	1970-01-19 23:00:12	Name: id5 Value: 96b9fed1-a7d5-4fcc-aed6-27364cef6dd6#1638012505128#1
.id5-sync.com/	1970-01-19 23:00:12	Name: callback Value:
.360yield.com/	1970-01-20 01:09:48	Name: tuuid Value: 628a1bb9-6bae-45ef-97dd-9f595eef8323
.360yield.com/	1970-01-20 01:09:48	Name: tuuid_lu Value: 1638012505
.360yield.com/	1970-01-20 01:09:48	Name: um Value: !79,xSySwX5.rRdBl4hNClTvADHfd5VLAUZMunpDlsbpE2hoh.oWks83yIMlMpzsrjKLQfNFF9lHAo9gr6Da,1645788505!313,xSySwbUJ22zbY0ihMkiyGw1GqppFBzT-Feop3WTsObAeBh4N180.MkfgtlA1kWm.0iaLd2jgKWOLiltd,1645788505
.360yield.com/	1970-01-20 01:09:48	Name: umeh Value: !79,0,1700220505,-1!313,0,1700220505,-1
ads.avct.cloud/	1970-01-20 07:45:48	Name: uuid Value: 0903f1b7-b854-4546-a76d-b9084d8905a2
.doubleclick.net/	1970-01-20 08:21:48	Name: IDE Value: AHWqTUlgNk-2bfMoRpRaXxiNplKhyiKJKg4FrRW3nYPtzUSVrKqp6EPta60UIjPRIdA
.doubleclick.net/	1970-01-19 23:00:16	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 01:09:48	Name: uuid2 Value: 8313753381490270782
.mediarithmics.com/	1970-01-20 07:45:48	Name: mics_vid Value: 22821850788
.mediarithmics.com/	1970-01-20 07:45:48	Name: mics_uaid Value: web:1:95abb85d-fa21-4ab6-bfbc-ccf006a4166b
.mediarithmics.com/	1970-01-20 07:45:48	Name: mics_lts Value: 1638012506093
.id5-sync.com/	1970-01-20 01:09:48	Name: 3pi Value: 146#1638012505593#1887615356\|18#1638012506117#-1993945643\|916#1638012505292#279412063\|441#1638012505140#48\|124#1638012505350#279412063
.gagadaily.com/	1970-01-20 08:21:48	Name: __gads Value: ID=ee972a2ec45bc6e5:T=1638012505:S=ALNI_MZTB_enjOj_4GKgWO5UtgnNAWbZrw
.crwdcntrl.net/	1970-01-20 05:28:59	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:28:59	Name: _cc_id Value: b4cdc5d4785100daa7b97fc4bdb0ac91
.crwdcntrl.net/	1970-01-20 05:29:00	Name: _cc_cc Value: "ACZ4XmNQSDJJTkk2TTExtzA1NDBISUw0T7I0T0s2SUpJMkhMtjRkAILERWJRIBoKAGl4Cwg%3D"
.crwdcntrl.net/	1970-01-20 05:29:00	Name: _cc_aud Value: "ABR4XmNgYGBIXCQWBaSgAAASgAF0"

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d2szg1g41jt3pq.cloudfront.net/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	sameorigin
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

86d8918fc8cc1c050b88e3d750ee3a74.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
api.feature.fm
c.gumgum.com
cdn.districtm.io
cdn.feature.fm
d2szg1g41jt3pq.cloudfront.net
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gagadaily.com
googleads.g.doubleclick.net
graph.feature.fm
i.ytimg.com
i1.sndcdn.com
js.gumgum.com
p.skimresources.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
r.skimresources.com
rules.quantcount.com
s.skimresources.com
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.districtm.net
st.districtm.ca
stats.g.doubleclick.net
sync.crwdcntrl.net
t.skimresources.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
d2szg1g41jt3pq.cloudfront.net
sync.crwdcntrl.net
104.16.190.66
142.250.186.98
143.204.98.25
143.204.98.59
143.204.98.64
143.204.98.80
143.204.98.86
151.139.128.11
185.33.221.11
2600:9000:2156:0:6:44e3:f8c0:93a1
2600:9000:2156:5400:17:b1c1:7040:93a1
2606:4700:3035::ac43:cf0e
2606:4700::6811:9342
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9a
34.214.64.244
34.249.15.20
35.190.59.101
35.190.91.160
35.201.67.47
44.225.6.40
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
084a69b8a10c3375e9871f8c166ebcab053aff4c44dfc550094c0ca37ec9abda
0a207cd88cad3d05ddbf6a59f70fd73da7b527b8afeb99b4a51e98353a8fd95f
0f1945072f7382a78b4fd022d3b73809e8bc450a35a8a73e599bb87f154fa360
122c03126a27f909f0687f0c6caae4f4629648dbf932927a4b1301a76f21c08c
12daee640d223939bd9983bda8b380ba2ba67373c9bd2dd1614980cbbc41132e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d1b7e628c69ab51a8dd5a5707947948a344968799859fd33941e62d8218937d
1e703d666fb7a3ed1576fe1c27800a1f9443e3ef8982c5bf6fa0a3cc378a25e6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30263f0f64bbd9aca06d57be29f25d98e3633c535537c03dda895b24fe179b64
31411682816809eec06fcfaee80c67a4fb5c9c9039b337a5266cfbde24de2dbc
34c79fb9f4a2689d4d74404dea0ff021b0894efe5e5d0c148bf6f1ed794adc44
35e050ce63b301bf44481987d04c8f73598989bca0680c1ee2271ab6d9067f23
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3768de08bab9594d97b9f68ad815cc8b74d1355ee58217f632df641b66b892e2
3e030521c505a3916c1008644a92045bf3ce55028a8a9701cb4fd7f21bef38e7
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3fe3e963f3461ff5e7352d912ae9eb748e0f83d00873676d879ec5a57484c61d
40539755fa9d11d33bf58bff8d851a36916a8724af41a33662702d31cb94f56e
4444120864fc67247cf47d03ea070c459cb41dfccc66a0d956eebfa745c38156
47105bbd58ee7705ca92d835272c80c8ad7be616fc11993c8addd7fa195eda30
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47d1943534243c0ac5921c144aee993e8990ab96433dcd2f989f1eda5be18f1d
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
502e79d99ef3023d2cfe120601f1699232ee581e301dd210ddc8a7bf0fc50204
504d98fc0bc0608889f7968422466204d23c561905ad2bd050bdc6643f6aa8b7
52aa0ab8c7bb871b88c3dd37bc64e11f65242e9f59858b049c26b3fdbb916f16
56b97f9bcb141cc4e04ebe1320dd6dab5fac7166c6977f92783e5762d2688e10
5af8c14620e9a056239e9017727f563fe4f2bc167d90ed8fb5e84c5b5fb01852
5cb00912f602a0063b26557250cf31a88fde20b02869103e03bfad4a2d2e7665
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6576a91a1bc8b78ffcceafb6ce77bd67f11f0751cddd1045e494fb5d74cec320
66eebfbed68b85035bd985685dfad3d45e93014675f54b79c2bfd7a6ed12938a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dde1c14cc47c703d9d0e17890deec62caf43f1eee3aecb04bbf49d39534951b
6e8845047f0beb53819fe09a51ee5e4b716d0f17d08aeed6644576ab0ebb6fa6
6fa373462aec1d648ea3b9aa075b01f9e4e7bcf27b6d6b0f3912b6b4a610a550
70bcf5330e20384e00f6f608252f65166975648750e930e93ea4b0fdeb8c31f7
71e15d5a8769ed219c47aeaaa7d022226039c7539131aeb80efe48eb0d78f7aa
781cfea83e2fd73d8613d9b626bd6a535af51a5a01d68e65dd16fd092028653e
7c4f57fe966d6031b207646243f1529fcff6dde7037d17cd5084bf955b13038d
7d69693604fb10d56662675f2e49b00a0435c93d5b62550aac77e860b0ed9c98
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
864c65883b83f3405a9cd723541e915e46a5b5bbae5d7d8d0384b5ca6e81d465
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b558196888076ac6af5cbba4ff2f9a8f2b08403dc56e457a1c100247fbad17e
8ee8c030108f2306df76bad97f09b8e44caad804b25e9aa5bbbf5b8213036da7
8feef7ec020853c28a2ba818812471d03ff6b19860b02d8632c1d224b12d85b4
900ac0f4e32d56f234b1cc8c152c2ce1b945017d1ae56c85f68960c7673ea63f
94d3a0d86a76fd96c3aa1c808f6ba19e1199a86e4ffdcfbbb01a40ea3d2dd46f
96f09183b54ab59a6075722852fb219e9cf7b68158c1940da5310dcbe22ce58c
9e460d2ec58094fc7103adb347455b44c05d10f2ccad870e162f81c6596e1622
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ad60741758d0baa31641657553b220cf508e4703aff332f0fa69e00a1acdd4
a2642ff743b32736bdf50aa64e1db62b05fabc8b86641a1c03de17e4ba3659a2
a2c3dfdabffd9eb1d77595df84b9efb9122f494a7a557cb69af6410a27460fd8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a902747da13598316cc40688a307315d550a918aa03428a214484433cee9b2eb
a98194af49364b4b567ebffe281727e0ff6abad5062846c6eba96265c574f608
aef558f43e1370c38f7a540c9cc7100a8d2f5f83b5c4ef5cb82ad8b24ac741a2
af231f62a58033c0b49bf9fa34b93741d211eb3665e722d88e2a9da320d5359d
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b4ea9eb3fcf137c01e4c557d24e4c737d17c947b157c561a2a464184e9f1b5b6
befa04815f5c3b9b588aab86555f40dafc6e19514a8d8a279653b83d8618347d
bf316c0e6184d922ee8ca78ccc051eb27ea94602d628e37496f98fbc776acba5
c57746b1dd4445b4953a0c474634d54f3ca01afee056f12bbace1d7c24e9128d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc8e0f64f6d214144d3c61bbb3e6ec6b1526f228cdc05cee547fb8c1cc6988d9
ceb6c8882d9bc2794f5b173df6a16482b3083ccfc0e0613953674558b29de460
d638e44d5d994274669a660791e7a815487967213100b200205a2b55e000f6e7
d6db44a1174d1106a574b61ff74135c0303b968aade398acd950cf46ff77de9e
d7bb7eb3281ee0b62ddd1929f3d91a1473044e92ff4a904dea182bd300087b10
d8ab7ae9e9ccf94258b9243409edf9356ec6a80a3a44cf664a24e8517861af91
d9d782e09e3a9a2ddb8c883b6fc760a5f19647e2c7387ce30c7f99120e1c3b89
db41b89054c29d62857d1f45a0d294574862d84508c03b1db32d917f0137528b
db63c6f0a4b2975c893e2dcefd885ac39e52ab4eaca6a31d058945605d47b17d
dc0a09090bab467725dcf73d3bbe4a7b761d9b9dec95cdb9d8ec33a65a5f6f3f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
de9cba88f70a79743b35f7210232379cc90160472124195f6d3dfdb76cd3d5b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cbb70b8576b75b11d1f19429d39f03d9ea9f1796f7b2a357c4e34dfa1c91c2
e5ac72556ce8b66d98fd8bba8465b9e236a65046592f90b42f5b3f0bc8c07938
e67da357bb7889ea070a76336c2aff0ec54130d8ebee1099c9ac7c7d281292cc
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
eabeb7a75c8848f482bad5a4ff11c916b05a8ec80ec1f378316b7505a7370017
eb5537408d5f96d4f93f55ca2a36d3de397281d7eaa5b791ba8c312b72157973
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b5993e011e71b931f2c2baceb1c175363539bef24b4b3a6cd43c6d938da767
f24abe6b74d629f3906b957e40f3857e145bfef9259411968057a0482b19b834
f571d90a45d019c1238025969d5c38acf536d4eb925668df1273e700af8474ae
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fcf806595067553a684ffd5fe62bbf2b49f087f15d67c67b1081f46c77efc6a9

gagadaily.com Open in urlscan Pro 2606:4700:3035::ac43:cf0e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

162 Requests

98 %HTTPS

58 %IPv6

25 Domains

42 Subdomains

37 IPs

7 Countries

4292 kBTransfer

7304 kBSize

35 Cookies

15 Outgoing links

Page URL History

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gagadaily.com Open in urlscan Pro
2606:4700:3035::ac43:cf0e Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

98 %
HTTPS

58 %
IPv6

25
Domains

42
Subdomains

37
IPs

7
Countries

4292 kB
Transfer

7304 kB
Size

35
Cookies

162 HTTP transactions
5 data transactions