www.on-the-fly-news.com Open in urlscan Pro
2600:9000:21f3:1a00:f:8f3b:1200:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
Submission: On June 28 via api (June 28th 2023, 2:15:25 am UTC) from US — Scanned from DE

Summary HTTP 88 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 18 domains to perform 88 HTTP transactions. The main IP is 2600:9000:21f3:1a00:f:8f3b:1200:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.on-the-fly-news.com. The Cisco Umbrella rank of the primary domain is 890174.
TLS certificate: Issued by Amazon RSA 2048 M01 on May 19th 2023. Valid for: a year.

This is the only time www.on-the-fly-news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2600:9000:21f... 2600:9000:21f3:1a00:f:8f3b:1200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
14	2600:9000:20e... 2600:9000:20eb:5600:19:4ac0:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
11	2606:4700:20:... 2606:4700:20::681a:550	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:d5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700:20:... 2606:4700:20::ac43:4728	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1f16:671... 2600:1f16:671:7f02:956b:c24d:3b6:fad	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
88	21

1 2600:9000:21f3:1a00:f:8f3b:1200:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.on-the-fly-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.mmctsvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::681a:550 (United States)

ASN13335 (CLOUDFLARENET, US)

content.wazimo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.wazimo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.wazimo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:d5f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.equalweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4728 (United States)

ASN13335 (CLOUDFLARENET, US)

bqstreamer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f16:671:7f02:956b:c24d:3b6:fad (Columbus, United States)

ASN16509 (AMAZON-02, US)

ekscapib.voltaxservices.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	299 KB
14	mmctsvc.com cdn.mmctsvc.com — Cisco Umbrella Rank: 27803	92 KB
11	wazimo.com content.wazimo.com — Cisco Umbrella Rank: 31739 cdn.wazimo.com — Cisco Umbrella Rank: 27164 media.wazimo.com — Cisco Umbrella Rank: 77005	351 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	279 B
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	59 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	56 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	466 KB
4	equalweb.com cdn.equalweb.com — Cisco Umbrella Rank: 17156	19 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 433 fonts.googleapis.com — Cisco Umbrella Rank: 88	91 KB
3	bqstreamer.com bqstreamer.com — Cisco Umbrella Rank: 15958	989 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
2	voltaxservices.io ekscapib.voltaxservices.io — Cisco Umbrella Rank: 124035	430 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	57 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4752	455 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	68 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	337 B
1	on-the-fly-news.com www.on-the-fly-news.com — Cisco Umbrella Rank: 890174	1 KB
88	18

	Domain	Requested by
14	cdn.mmctsvc.com	www.on-the-fly-news.com
9	content.wazimo.com	cdn.mmctsvc.com
9	pagead2.googlesyndication.com	cdn.mmctsvc.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.on-the-fly-news.com
8	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
6	www.facebook.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com
4	connect.facebook.net	content.wazimo.com connect.facebook.net
4	cdn.equalweb.com	content.wazimo.com cdn.equalweb.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	bqstreamer.com	ajax.googleapis.com
3	www.google-analytics.com	content.wazimo.com www.google-analytics.com
3	fonts.googleapis.com	content.wazimo.com googleads.g.doubleclick.net
2	ekscapib.voltaxservices.io	connect.facebook.net
2	www.google.com	tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	media.wazimo.com
1	cdn.wazimo.com
1	www.googletagmanager.com	content.wazimo.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	www.on-the-fly-news.com
1	www.on-the-fly-news.com
88	25

This site contains no links.

Subject Issuer	Validity	Valid
api.12up.com Amazon RSA 2048 M01	`2023-05-19` - `2024-06-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
cdn.mmctsvc.com Amazon RSA 2048 M02	`2023-05-05` - `2024-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-07` - `2023-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
ekscapib.voltaxservices.io Amazon RSA 2048 M02	`2022-12-21` - `2024-01-19`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
Frame ID: 2F29202D023F84F08536F5D81B807967
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
Frame ID: 8F7BB6169E1DFE70C0F02B961B0A8A3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910351605291781&output=html&adk=1812271804&adf=3025194257&lmt=1687918518&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687918518983&bpp=6&bdt=414&idt=100&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1989731829248&frm=20&pv=2&ga_vid=1743638428.1687918519&ga_sid=1687918519&ga_hid=891311489&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C31075630%2C44759876%2C44788441&oid=2&pvsid=34260552706451&tmod=933450182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121
Frame ID: A69F028B343467D96A357244AD57EFB6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910351605291781&output=html&slotname=2566744586&adk=3372386867&adf=4275511882&pi=t.ma~as.2566744586&w=0&fwrn=4&fwrnh=100&lmt=1687918518&rafmt=12&format=0xnull&url=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&fwr=0&fwrattr=true&rh=0&rw=0&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687918519226&bpp=2&bdt=657&idt=2&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5e575e880161b6b1-22895e60fee100cf%3AT%3D1687918519%3ART%3D1687918519%3AS%3DALNI_MahcIKm7rIn9DlWITYW5ppgKnIZYA&gpic=UID%3D00000c772d24936c%3AT%3D1687918519%3ART%3D1687918519%3AS%3DALNI_MaCyQXEg8mHj_9uLruvcO3SWc81iQ&prev_fmts=0x0&nras=1&correlator=1989731829248&frm=20&pv=1&ga_vid=1743638428.1687918519&ga_sid=1687918519&ga_hid=891311489&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C31075630%2C44759876%2C44788441&oid=2&pvsid=34260552706451&tmod=933450182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cer%7C&abl=CS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xHmtn5Lzu1&p=https%3A//www.on-the-fly-news.com&dtd=454
Frame ID: 1A56F9025B2F9A22CE7E5D378209BFFF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6689FAA59D970029F23422E80EF3BDDF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CF835FD50B58F4F70FDD544977A25C9D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
Frame ID: F76F7DCF4E42E747C7D6BBC628D0296E
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: E34AD6AD9A37ABCEEA88C894CC87A95F
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js
Frame ID: 865B1E37F319DA6FA4FDE1EB58F97B84
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get a Daily Horoscope

Detected technologies

EqualWeb (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.equalweb\.com.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

100 %
HTTPS

100 %
IPv6

18
Domains

25
Subdomains

21
IPs

3
Countries

1584 kB
Transfer

4535 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.on-the-fly-news.com/ua/thrillly-astrology/ 673 B
1 KB 538ms
476ms Document
text/html 2600:9000:21f3:1a00:f:8f3b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1a00:f:8f3b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: b5d51bb19a5e5f29dc5a8214e62696f68893b03ba1f6f0f6d2b9796630962aad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=300
content-length: 673
content-type: text/html
date: Wed, 28 Jun 2023 02:15:18 GMT
etag: W/6a4e652a5e006510de110f4997bb512517c828a114cf84f0994bd5fb59ba6ee2|dd69110efb3d5ed5e30bb55b3fae740e237006c0debb06dbf4b98e81400a5ab5
last-modified: Wed, 28 Jun 2023 02:15:18 GMT
referrer-policy: no-referrer-when-downgrade
server: CloudFront
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-id: cf2gqxvae5HQZv4ePObW31fP1zGZEbXqiS7ZEZQjdXeYn6O2DG360w==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
88 KB 96ms
13ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.on-the-fly-news.com
URL: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:15:23 GMT
x-content-type-options: nosniff
age: 7195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89501
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 00:15:23 GMT

GET
H2 200 bundle.js Show response
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 260 KB
75 KB 61ms
11ms Script
application/x-javascript 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/bundle.js
Requested by: Host: www.on-the-fly-news.com
URL: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: d4a3211ff3d19e9c73d0d75d567c1fe07cea6f7055140ef77d25bf326b0831e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 11:18:43 GMT
content-encoding: br
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 226596
etag: W/"cca8c10a96ce763d0890cfe6b3edcb42"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age: 300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: SoGRe5dPuvcIFUTcJrIvidP_X0Ke11Ld5jhTFUeHzgVk4jnT8XUQWA==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
48 KB 114ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0053391d438be682332232d443566ccc6bfeee47ffb5eca9fcd8708b3530de44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48434
x-xss-protection: 0
server: cafe
etag: 11015335314860656246
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 02:15:18 GMT

GET
H2 200 / Show response
content.wazimo.com/engine/common/widgets/genericFunnel/loader/ 12 KB
4 KB 311ms
276ms Script
application/javascript 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.wazimo.com/engine/common/widgets/genericFunnel/loader/?utm_source=facebook&domain=www.on-the-fly-news.com&baseFolder=topics&topic=thrillly-astrology
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: e41feb3a1c32f505024a176a26e9b3e2273ed10c2eea2b931d6dd7d1a64c31bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Q1WgsufRkbaHkDRKtociyTv9ucG3SgbmkdGZ1Xk5IWhWxduR1JmhHuONksjyEFkGYKZF83j%2FQSBLxyRH%2FMr%2FQNpAVOkYiGq%2FCwa85rJbAZnGPUz2GvhG6TZS8E1U2Vv1T9u6eSdmGgVh9PRnwWjxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 7de26bd6da841c0f-FRA

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/ 345 KB
119 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2910351605291781&plah=www.on-the-fly-news.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abf501522b9a05cf5684889374ba23e0fed1997cabe9ef17ab3720c70750ed6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121330
x-xss-protection: 0
server: cafe
etag: 11014975644979103979
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 02:15:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/ Frame 8F7B 10 KB
5 KB 194ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 09:01:54 GMT
etag: 15057649708203361565
expires: Tue, 11 Jul 2023 09:01:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 405 B
337 B 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.on-the-fly-news.com&callback=_gfp_s_&client=ca-pub-2910351605291781

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2910351605291781&plah=www.on-the-fly-news.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebfdc6673d4113b52743b45129d7edfdde042d862eccab5aebb552421c732f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 120ms
22ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.on-the-fly-news.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A69F 171 KB
48 KB 947ms
943ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910351605291781&output=html&adk=1812271804&adf=3025194257&lmt=1687918518&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687918518983&bpp=6&bdt=414&idt=100&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1989731829248&frm=20&pv=2&ga_vid=1743638428.1687918519&ga_sid=1687918519&ga_hid=891311489&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C31075630%2C44759876%2C44788441&oid=2&pvsid=34260552706451&tmod=933450182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f972e19ccc7f422d0b6a3e6aded6aeee03dd353d115ef3284cbf16bdeac93eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48932
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 02:15:20 GMT
expires: Wed, 28 Jun 2023 02:15:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 64ms
36ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230620&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa211acd4fb3d8eddd9333a4090437728df56561bda1c0569e351c01c77ca0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11252
x-xss-protection: 0

GET
H2 200 fonts.css
content.wazimo.com/engine/common/f100/css/ 227 B
527 B 15ms
14ms Stylesheet
text/css 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.wazimo.com/engine/common/f100/css/fonts.css
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aa39fbfbe348042de24e37332c2721d20ac03263bbdface1e582193ba871198

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 13 Feb 2023 07:54:23 GMT
server: cloudflare
age: 196
cf-polished: origSize=233
etag: W/"63e9ecaf-e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbMXclIPJElL%2FdxqL6LxFopkbhjwbKtgYekOfj8BD%2FiJuPPZXj6lu1fN2TCLwhEPVQRM%2BfnlBrEJbF%2BRY65rCfYJjG8M%2FjK%2FzRlFq3gY%2BYz5J0OF4AdX9YU2c%2BFPBV%2Bi%2FTNR2ZmYRhdoLzlfFB8sWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7de26bd89b951c0f-FRA

GET
H2 200 /
content.wazimo.com/engine/common/f100/css/ 287 KB
39 KB 363ms
362ms Stylesheet
text/css 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.wazimo.com/engine/common/f100/css/?static=true&extraCSS=astrology.css&version=f100&funnelColor=%234F6E93&funnelBGD=false&funnelBGM=false&device=desktop&pageVariation=ua_trl_otf_thrillly-astrology_no-mp_1&cb=f100.9
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: f6fa1a05caa4dadfda4d9b91df25437c64d3d7a8a1f28837acc31c212c051369

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 28 Jun 2023 02:15:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaGAO7IhNskxAZXFDcjYQB2lS0j5KxYXoug5P86iitgBGCRoOFb1x%2FjGNqJODAvaof7lJeze4N9TNiD5Fxcp%2FbMdPdxeRSe2PnjSoOD4bgz5LUJ5s1gmuqvCN5fuTumL6gdIocqwPAmXrX8BIBGMvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=14400
cf-ray: 7de26bd89b981c0f-FRA

GET
H2 200 header.css
content.wazimo.com/engine/common/f100/components/header/ 4 KB
1 KB 14ms
13ms Stylesheet
text/css 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.wazimo.com/engine/common/f100/components/header/header.css?cb=f100.9
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0449230bd6c24c21d1ca7b5f1d507a5093c597136a2c8ceeb1f2f953f5fb2efe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 11 Sep 2022 09:26:43 GMT
server: cloudflare
age: 2165
cf-polished: origSize=5354
etag: W/"631da9d3-14ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rovej%2FA7oUMc8uUFs7q6Uw9RUKC6LtQX3%2B%2FYeyL%2BWUITAPxsJdYyQEkxBCAvwfjIgEkFmY9r091oUPBUoDNcWRUosCZoABfkq%2B6VuPKmKmHmeNjAaFUpw13Sg7TFONtNuluLBzRarTa0DvOwd%2BTxhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7de26bd89b991c0f-FRA

GET
H2 200 footer.css
content.wazimo.com/engine/common/f100/components/footer/ 1 KB
695 B 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.wazimo.com/engine/common/f100/components/footer/footer.css?cb=f100.9
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1b3b324e5b21ded83a468545365cfc8b3add92f3a1a7c0e382b89c3f3a7fc46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 18 Jul 2022 08:11:46 GMT
server: cloudflare
age: 2165
cf-polished: origSize=1513
etag: W/"62d515c2-5e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfxcWxD8BJdA4hDaL1D3UpeDHAhNwg4WLK12Ni15h%2F5TrQmz7Wa%2BhXxILot%2F6Yw0lhCCgjeFbsfjlMUa7bIPpX6AJLOMwGiJJuA63CD%2BpoBLTSrMaOZwFh0F8PhCcSauAqEh03RpuPvEVUQdq9ZxSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7de26bd89b9c1c0f-FRA

GET
H2 200 / Show response
content.wazimo.com/engine/common/f100/js/min/ 298 KB
86 KB 22ms
22ms Script
application/javascript 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.wazimo.com/engine/common/f100/js/min/?static=true&v=57032
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: eac3fe7e64a97fa0da3ae72cc050144ed6da30c3e01b13ffd9ce7c9b48df18be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 01:39:14 GMT
server: cloudflare
age: 2165
cf-polished: origSize=333921
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuDjn5U%2FD7Qk8%2FxEFKMgLSrDGzUejiCzAw8jMb8YH0xB07mgauzrbTsYwqI7latngHk%2B8xfOOEEDwI5KTg0lcSuat6GMwIcOGufoipj7GIgrRklttVxpMNgMu9lrScQ%2FCP4HWkchmULiXxYKPXJrRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7de26bd89b9d1c0f-FRA

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 67ms
25ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Assistant:wght@300;400;600;700&display=swap&family=Baloo+2:wght@800&display=swap&family=Poppins:wght@100;300;400;500;600;700&display=swap&family=Russo+One:wght@400&display=swap

Requested by

Host: content.wazimo.com
URL: https://content.wazimo.com/engine/common/f100/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b73da7760660bbbe9cd638b7d4fce46e704e43ef151b6f5f5e159b843c6d240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.wazimo.com/engine/common/f100/css/fonts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 02:15:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jun 2023 02:15:19 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 88ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 02:15:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: content.wazimo.com
URL: https://content.wazimo.com/engine/common/f100/js/min/?static=true&v=57032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 01:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4238
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 28 Jun 2023 03:04:41 GMT

GET
H2 200 accessibility.js Show response
cdn.equalweb.com/core/4.0.4/ 39 KB
14 KB 51ms
17ms Script
application/javascript 2606:4700:20::681a:d5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/core/4.0.4/accessibility.js

Requested by

Host: content.wazimo.com
URL: https://content.wazimo.com/engine/common/f100/js/min/?static=true&v=57032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37b3e225df47f607cf27aa8c41d2fe74226c145a64d50876c3bb66e869cef5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
Origin: https://www.on-the-fly-news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70062
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Sep 2021 12:07:44 GMT
server: cloudflare
etag: W/"028bb1f61a9d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGScx1stwMteYZdHHu7VixJRylrneXG7zI8ME2GozKzYLWxWY3Tjz1SxqP9b6R0JIAw4oA9Pj6hTRVBA21eyqD3zGqZXfpFPl6scwhjdaS07klA8jFKqmgIhkun46JlmbX%2FyuK7M6EOfaCX7Erc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
x-client-country: DE
cf-ray: 7de26bd96fe29bfb-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 63ms
27ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10884245320

Requested by

Host: content.wazimo.com
URL: https://content.wazimo.com/engine/common/f100/js/min/?static=true&v=57032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c181daf2e151482b371837d9cec0193b1bf6f54a74c96647b94c3eb31ba6f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69566
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 00:24:34 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Jun 2023 02:15:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 170 KB
47 KB 43ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: content.wazimo.com
URL: https://content.wazimo.com/engine/common/f100/js/min/?static=true&v=57032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Jun 2023 02:15:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46730
x-xss-protection: 0
pragma: public
x-fb-debug: 4EDFu7Hpmois7nHs38ml2AFPFFUKMS/W15mbd1DbwizY0oAbwGpIaytSId8srsxNIQXmcfrIgacIXiC+xqWYug==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
bqstreamer.com/webservice/track/ 0
438 B 146ms
120ms XHR
text/html 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bqstreamer.com/webservice/track/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BTW12UxqhxQ5Je%2B1bKZGEYuyAI9GOOBctEfmsIOrGCjtXZvOjXdzGFk8G17nk9AKGFIbI0%2F8vchAfsDNrEk1Ju3lHfM2vTntNKM5khAFNZgICqNGmliJhEbkmUkL4jRPhrbpG5SeFjlK%2F4D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 7de26bd95a779265-FRA

POST
H2 200 / Show response
bqstreamer.com/webservice/track/ 0
275 B 122ms
122ms XHR
text/html 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bqstreamer.com/webservice/track/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yxEgLoMJDv6UKY1eJhg5VVr70i3ysvPx4q%2B2%2FdZ1asvzJ8tQTeHwzLkx0KMTnx4FtXhH3eJsRssJu9TlPpOJrfatzUHB%2FJhaMTepBU0ugbjBpC7QB%2FDcSw9cApNUBCuFkUkgUgp0qH6KHFK"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 7de26bda2ad09265-FRA

POST
H2 200 / Show response
bqstreamer.com/webservice/track/ 0
276 B 121ms
121ms XHR
text/html 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bqstreamer.com/webservice/track/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHayDTRbbUmfoU02bne2Ayr%2BMtvcQP0WjVKmPCncH%2FMkTQl5N7yHStnXckvVXuwJd3Ftu%2BKCH%2BEmzpn3Rqc98Qgc4u0M3wo1PiFEprYHgfN0ZUK9DJDTbRtqrWFdOzDZOvGiiQR6JzoP0egr"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 7de26bdaeb1c9265-FRA

GET
H2 200 thrillly.svg
cdn.wazimo.com/engine/static/media/funnels/logo/ 2 KB
1 KB 250ms
232ms Image
image/svg+xml 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.wazimo.com/engine/static/media/funnels/logo/thrillly.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b35201dd0c895aad29cfc66f97866401aa11938f21087fb817383de879b7778b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Dec 2022 12:14:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63a055bb-761"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lM3SNRXv%2FXRYe3Lr3ePfO3dlarV%2B8gDjJBMS%2FG7A0t7QyrsadPuinB7OQYEVSNrt%2BbuBAKK%2B3Ak1uJnHuph%2F3zSpXBMtPE2Cb%2FQTGqodN%2BOTGObdqqreZ6FB4RvDiRUkjUes%2BGcMWVE232Vl"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7de26bdc0df81c0f-FRA

GET
H2 200 ce8170832685b9145469cdad6386388c.svg
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 716 B
1 KB 11ms
7ms Image
image/svg+xml 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/ce8170832685b9145469cdad6386388c.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 447e3155b921753c3dcd02ade048f4ac1cde8969da0c11385afce128e5f5f0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 11:21:54 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 226406
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 716
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
etag: "e4573566f0fa1416093ad80f82e84e21"
vary: Origin
content-type: image/svg+xml
cache-control: max-age: 300
accept-ranges: bytes
x-amz-cf-id: sWVrD6Pyb89ovFq8Xoacxs0JUvVgSSgNmTDwFaDH5Xawb7b3nyxOdQ==

GET
H2 200 daily3.gif
media.wazimo.com/interactive/ 180 KB
181 KB 38ms
20ms Image
image/gif 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.wazimo.com/interactive/daily3.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb08924a68d46adc8db57ae4eb47b154ca5fb0b03210f8b906cf983a60db0e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
x-guploader-uploadid: ADPycds5QIv8gxMP_obUReLzg1A-3jubP3uZpwX1Cwaggqn_JDna7pRFCtjiOR3I5EJIZKbPeopYD06Hpn4IW4vCD1_sC27lShJ9
x-goog-storage-class: NEARLINE
x-goog-metageneration: 1
x-goog-meta-x-goog-reserved-source-generation: 1654679784557865
x-goog-stored-content-encoding: identity
content-length: 183939
cf-bgj: imgq:85,h2pri
last-modified: Thu, 15 Jun 2023 12:44:30 GMT
server: cloudflare
etag: "047b90baefc1fc5495214a3f9fe9fabb"
vary: Accept-Encoding
x-goog-generation: 1686833070832326
content-type: image/gif
x-goog-hash: crc32c=5oRw9Q==, md5=BHuQuu/B/FSVIUo/n+n6uw==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHwjgmvQ9TPoPDStxBVW7UFo6XP50xinZZV06ZICjSEy6Sb9pOu%2F2lLTnFYD7eWL0bb6or26%2F2I893qugKEiEFqW639Xt2kdS5w28iVU8%2BHHa%2FYadtdLPHtcyDQzbN6rPJ12AKSt5ShJOBIeCjI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 183939
accept-ranges: bytes
cf-ray: 7de26bdc1dfa1c0f-FRA
expires: Wed, 28 Jun 2023 02:42:39 GMT

GET
H2 200 152841e229215b71fa8977dd722b6c50.svg
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 2 KB
1 KB 13ms
10ms Image
image/svg+xml 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/152841e229215b71fa8977dd722b6c50.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 490892f7d0203b5ecdd81f3e7814fe4304104c45d88ed5d085fd06f609bfb333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 14:45:05 GMT
content-encoding: br
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 214215
etag: W/"427e02c5dae381de9848f256115070a1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age: 300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: tsJc_JrSt15bkq90zgSTHV0sSGMM-y__NpIgfILums8I8sBX6JmbJA==

GET
H2 200 14a65bcb6ec3b9f6855be7f4f2f33892.svg
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 2 KB
1 KB 15ms
12ms Image
image/svg+xml 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/14a65bcb6ec3b9f6855be7f4f2f33892.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 5fadd6574dc235c2271ea2d8236c1528c9243dfd83535d651aede4927aca6aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 14:45:05 GMT
content-encoding: br
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 214215
etag: W/"e8f1ad793975b429d908b071e9a6f751"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age: 300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9hVfegI4-HBDJaX8VwoQwOX2t1O-4m0uxnNagd33K_vwht73APBgkw==

GET
H2 200 ff21e253f2c80e7dcfe49ac33d878291.svg
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 2 KB
1 KB 14ms
11ms Image
image/svg+xml 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/ff21e253f2c80e7dcfe49ac33d878291.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 21e7771095cc044ca71b31b97df1407630ceaf405630d6c7e8e01d65fb22efdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 14:45:05 GMT
content-encoding: br
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 214215
etag: W/"600a58b031c17a66948b1b1874f3fd9d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age: 300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YTM1HQH-XBi-9K7Fuzx34NFkE1WlcZFkErWzo_zjr9D-ZV1qHsSpKg==

GET
H2 200 7a50ad1352e1312e79c57e8068cecbd4.svg
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 2 KB
1 KB 14ms
11ms Image
image/svg+xml 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/7a50ad1352e1312e79c57e8068cecbd4.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 6f129c3a54437edae56e4467b6e1d69a80e04ca3b194314cefec2d3b135af13b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 14:45:05 GMT
content-encoding: br
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 214215
etag: W/"75844526912d7450cbcb17d394b8ec8c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age: 300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0rOzzWLl6tTUk2Cbn5jEWInil2WmuZi_DWmI7rs2gxhCixwEIE9l4w==

GET
H2 200 21f9fd926e120d32f964fd9e37c3457b.svg
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 2 KB
1 KB 15ms
12ms Image
image/svg+xml 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/21f9fd926e120d32f964fd9e37c3457b.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 1235d9e8490ebf893a312343d907210fd5211097cb29a682e80986d80c2f1b63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 14:45:05 GMT
content-encoding: br
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 214215
etag: W/"8f4fa1db9ad60f114af62ad666535d60"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age: 300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gP-g9QXNYctXdLfsC8I9oiZ8dOueVWURh3faVjqytpVSNMHyeGTf-w==

GET
H2 200 ab05a99a9226b8b52b1b8ec7dfd91ea1.svg
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 3 KB
2 KB 15ms
13ms Image
image/svg+xml 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/ab05a99a9226b8b52b1b8ec7dfd91ea1.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a73524b5e73f216886cd42d2ab97986493bf29bf43c9b0327c4b69e059a9d63c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 14:45:05 GMT
content-encoding: br
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 214215
etag: W/"c36f599186b196ef117a2658d266e80b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age: 300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: OFarb9KpfJlOJgrOD_RqchrdDG6JutTastVpG9phdpOVQYmYcbdIiQ==

GET
H2 200 5283dcf3146d3b387dbb68e7bf4fefd5.svg
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 1 KB
1 KB 19ms
16ms Image
image/svg+xml 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/5283dcf3146d3b387dbb68e7bf4fefd5.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 4470310cfd1483f31c3c52cd8d90c7eafc0d2f7038ace724260d5df879232b75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 14:45:05 GMT
content-encoding: br
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 214215
etag: W/"3aa9c30eba96ac853e38ca9b3010dcf1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age: 300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dEUgPm0YaUECAyUjsH7nURJSrCKnNY3QZsvbWVabEnxNvCqNy6xhYA==

GET
H2 200 ac79fc322d3aa6afba79797d10a32387.svg
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 3 KB
2 KB 18ms
15ms Image
image/svg+xml 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/ac79fc322d3aa6afba79797d10a32387.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f39670418fba7e8f9e752d97825d555497b07702c681869dce3a954c4e820582

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 14:45:05 GMT
content-encoding: br
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 214215
etag: W/"f8cf390264a7db56aaa746e8d3b91f9f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age: 300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: XggOig6OhIxnsrLcZBU9vQn8jyxfFxZ6cBQP2zY97TELPXDWg82gng==

GET
H2 200 3116299035457bb8e90714df442e9852.svg
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 2 KB
1 KB 18ms
16ms Image
image/svg+xml 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/3116299035457bb8e90714df442e9852.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 90481b5b3a6d78cf4baeccd0bdbcafbcb5dd373def38d8588dc3c8911e262791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 14:45:05 GMT
content-encoding: br
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 214215
etag: W/"6bec09cff6debf341fe34708eafe583c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age: 300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: aDLlk57rBHQFjQbucYlewIdvSdnoGz13lGJOrKRkB4zOce_B6xMmMw==

GET
H2 200 1c5686fda489021e5c3698d06f59cb15.svg
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 2 KB
1 KB 19ms
17ms Image
image/svg+xml 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/1c5686fda489021e5c3698d06f59cb15.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 5fe2ca9860b9f15fe5dc2b6ed12b6a693ec0665ab9444d418ed8abdcff667eb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 14:45:05 GMT
content-encoding: br
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 214215
etag: W/"4d96a815651ce6d9b132566abf64b166"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age: 300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qqnw88bEautOxP6Gb0xLAZwPyma5OoPnkYOtcSwr1zGkdU85t8RicA==

GET
H2 200 b5db5fec6d0bae01c1235e1a3e2cf3dc.svg
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 2 KB
1 KB 19ms
17ms Image
image/svg+xml 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/b5db5fec6d0bae01c1235e1a3e2cf3dc.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: b4c0d0adb71fab4dad5a8035ac1d393337a373930f50c2a484f6be7c6511d09a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 14:45:05 GMT
content-encoding: br
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 214215
etag: W/"eff45339c76b30df1455ccd3a58b9d96"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age: 300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 37_njTRsfZib48cEzhaVlW4uA0wtbd-HPI5WGQtH0acty9UzAxb6GQ==

GET
H2 200 fc2542a6d7289d0a4471e02005058f36.svg
cdn.mmctsvc.com/email/funnel-renderer/build/prod/ 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2600:9000:20eb:5600:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/fc2542a6d7289d0a4471e02005058f36.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 5d06229513242364f9d7ce53c96660df919345b518c7922691ea77d78dcbdf3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 14:45:05 GMT
content-encoding: br
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 11:18:24 GMT
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 214215
etag: W/"4d8e141129249186a146887a3cae1985"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age: 300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KJ-IXf85Z2vhBwBSbvMaq2Oc0uHy0ACzFmi1sTHLSZXzzjM62V8w4Q==

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A56 436 B
411 B 88ms
87ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910351605291781&output=html&slotname=2566744586&adk=3372386867&adf=4275511882&pi=t.ma~as.2566744586&w=0&fwrn=4&fwrnh=100&lmt=1687918518&rafmt=12&format=0xnull&url=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&fwr=0&fwrattr=true&rh=0&rw=0&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687918519226&bpp=2&bdt=657&idt=2&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5e575e880161b6b1-22895e60fee100cf%3AT%3D1687918519%3ART%3D1687918519%3AS%3DALNI_MahcIKm7rIn9DlWITYW5ppgKnIZYA&gpic=UID%3D00000c772d24936c%3AT%3D1687918519%3ART%3D1687918519%3AS%3DALNI_MaCyQXEg8mHj_9uLruvcO3SWc81iQ&prev_fmts=0x0&nras=1&correlator=1989731829248&frm=20&pv=1&ga_vid=1743638428.1687918519&ga_sid=1687918519&ga_hid=891311489&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C31075630%2C44759876%2C44788441&oid=2&pvsid=34260552706451&tmod=933450182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cer%7C&abl=CS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xHmtn5Lzu1&p=https%3A//www.on-the-fly-news.com&dtd=454

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d10c86b73511a36879fe2231f8139eecdb0a2a91e7b26ded1eeb8207ea96aaaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 02:15:19 GMT
expires: Wed, 28 Jun 2023 02:15:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
content.wazimo.com/engine/common/f100/css/ 239 KB
35 KB 17ms
17ms Stylesheet
text/css 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.wazimo.com/engine/common/f100/css/?static=true&extraCSS=astrology.css&version=f100&funnelColor=%234F6E93&funnelBGD=false&funnelBGM=false&device=desktop&pageVariation=ua_trl_otf_thrillly-astrology_no-mp_1&cb=f100.9
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: ab9fed18ea89bed5c9b82cbe4225299446226430897164b99d79eecf28797694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 02:15:19 GMT
server: cloudflare
age: 0
cf-polished: origSize=293714
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25Itiv5ZK07mrwV7GMU0zBdaR2w7GG7ql1l9VaVcHOlJw4xKkQ68F9H0An9jObMoceixjvhN0IVYKo%2FaOPzI7Y4f%2BEdlhhQQTGqrV6%2BxwgmsTbG8rZdI6Qq5NP6pCUTdcVC%2BYhaJBL%2Fc2FKlSu5lnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7de26bdc2e161c0f-FRA

GET
H2 200 header.css
content.wazimo.com/engine/common/f100/components/header/ 4 KB
1 KB 16ms
15ms Stylesheet
text/css 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.wazimo.com/engine/common/f100/components/header/header.css?cb=f100.9
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0449230bd6c24c21d1ca7b5f1d507a5093c597136a2c8ceeb1f2f953f5fb2efe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 11 Sep 2022 09:26:43 GMT
server: cloudflare
age: 2165
cf-polished: origSize=5354
etag: W/"631da9d3-14ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BrqQ3SH60EjT1Yg5AFgy%2F%2FP8a0TZ1cwbWnf1ilu%2BPtnHWatoS7yqjjA4cqMTRVrHYrVc2MQouHXXSpHMHCRsTyWRAM5uonZCQHu4B0YLbpQvPPS7Pvc%2Fcvntwt1eMfnAEtH0IENh0N0poYb2SbVaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7de26bdc2e181c0f-FRA

GET
H2 200 footer.css
content.wazimo.com/engine/common/f100/components/footer/ 1 KB
715 B 13ms
13ms Stylesheet
text/css 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.wazimo.com/engine/common/f100/components/footer/footer.css?cb=f100.9
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/email/funnel-renderer/build/prod/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1b3b324e5b21ded83a468545365cfc8b3add92f3a1a7c0e382b89c3f3a7fc46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 18 Jul 2022 08:11:46 GMT
server: cloudflare
age: 2165
cf-polished: origSize=1513
etag: W/"62d515c2-5e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtAX%2FHbidqHU%2BT6c9NcH%2Fd4UqY06fOLsnQKyaF%2FKdZvjvZ0bQsMX30lRpoHJcRhyc%2BYhOmlGCYkaN4DO6IXgEHMxXT%2F9ZMGAzl2z2DDzGkbx81R%2BVafzzmHdD0moe%2FsSL2bJqi6CBjnR5Nd%2Fbs%2BH4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7de26bdc2e1a1c0f-FRA

GET
H2 200 2sDcZGJYnIjSi6H75xkzaGW5.woff2
fonts.gstatic.com/s/assistant/v18/ 20 KB
21 KB 49ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Assistant:wght@300;400;600;700&display=swap&family=Baloo+2:wght@800&display=swap&family=Poppins:wght@100;300;400;500;600;700&display=swap&family=Russo+One:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36ea273138b793477fef7ab102c5d882f9329660f70df5d5ad43f30f0edd7026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.on-the-fly-news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:10:45 GMT
x-content-type-options: nosniff
age: 432274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20608
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:46:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jun 2024 02:10:45 GMT

GET
H2 200 2sDcZGJYnIjSi6H75xkzaGW5.woff2
fonts.gstatic.com/s/assistant/v18/ 20 KB
20 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36ea273138b793477fef7ab102c5d882f9329660f70df5d5ad43f30f0edd7026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.on-the-fly-news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:10:45 GMT
x-content-type-options: nosniff
age: 432274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20608
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:46:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jun 2024 02:10:45 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6689 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 15:04:24 GMT
expires: Wed, 26 Jun 2024 15:04:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CF83 783 B
1 KB 81ms
24ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bed8798cb39cfdf5ca589e640464512ced62b055eb3489482f62541b1c5f089f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AybCHyeiPtWeQDgh8aDhFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-AybCHyeiPtWeQDgh8aDhFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 02:15:19 GMT
expires: Wed, 28 Jun 2023 02:15:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
153 B 21ms
20ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=891311489&t=pageview&_s=1&dl=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&dp=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&ul=en-us&de=UTF-8&dt=Get%20a%20Daily%20Horoscope&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABCAAAACACAAB~&jid=305955157&gjid=1156351299&cid=1743638428.1687918519&tid=UA-71855460-13&_gid=2010212518.1687918520&_r=1&_slc=1&cd2=ua_trl_otf_thrillly-astrology_no-mp_1&cd3=&cd4=&cd5=2a0a4a72f8b84c4663d20dc7ef6a0e16&z=138511635

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 02:15:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.on-the-fly-news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 14ms
13ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=891311489&t=event&_s=2&dl=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&dp=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&ul=en-us&de=UTF-8&dt=Get%20a%20Daily%20Horoscope&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=funnel&ea=view&el=section1&_u=YAhAAAABCAAAACACAAD~&jid=&gjid=&cid=1743638428.1687918519&tid=UA-71855460-13&_gid=2010212518.1687918520&cd2=ua_trl_otf_thrillly-astrology_no-mp_1&cd3=&cd4=&cd5=2a0a4a72f8b84c4663d20dc7ef6a0e16&z=1181369885

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 05:30:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74698
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css Show response
cdn.equalweb.com/style/ 18 KB
4 KB 14ms
13ms Fetch
text/css 2606:4700:20::681a:d5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/style.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.0.4/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540833d3477dbdd8bb1d2dc87e55788106f77a3b076139fae4afa792e1383592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70061
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 11:12:03 GMT
server: cloudflare
etag: W/"80833021af5cd91:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVu0Iacvjedug38PEj2TV9wAfaWfljJSGriYU6vsnSXx4V71b4NX0O22zKWf%2FrzgqLSVKI0fzFrOScMq48yEV7yN60sX6DF1bVfElg2Y0b0vU4Cb%2FB9GRmBWddpadncwK7axLJCBFCUmXk28hAQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
x-client-country: DE
cf-ray: 7de26bdd59dc9bfb-FRA

GET
H2 200 btncolor.css Show response
cdn.equalweb.com/style/ 105 B
424 B 15ms
15ms Fetch
text/css 2606:4700:20::681a:d5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/btncolor.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.0.4/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70056
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Feb 2019 11:16:31 GMT
server: cloudflare
etag: W/"3f26cd3dfbc1d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOd1VRyJHX%2BvuBv2ehjWU6ecEFCwCL7rAfwrxAxxv7YamVOCQBzPRrU1jlfJquMoxqIHjtqUBqlrx3vsGmkIjMnkS7GNedrbuGlglGhMa2bwVM0w9X3auTjrGDb1hw0Tul57yRYJ3YTjqAW02w8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
x-client-country: DE
cf-ray: 7de26bdd59dd9bfb-FRA

GET
H2 200 en.json Show response
cdn.equalweb.com/assets/locale/ 810 B
722 B 83ms
82ms Fetch
application/json 2606:4700:20::681a:d5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/locale/en.json

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.0.4/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a59881aae83948c79aad351b6c2b206f08360449c9a47e725f4523b57c5d5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Jun 2021 15:40:09 GMT
server: cloudflare
etag: W/"f45920b9fc61d71:0"
x-frame-options: deny
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7FQd9rSUpDyWn%2BDy6kMyQYDowlFfqxmJ9znY5i4XyN7zaXvnlFR9QR8toGCfA4KekZ0%2FkZJUlCKjHIklDDtTCedaXOXvqUi%2Bm8PkrYpSr%2FHFBiao%2FKt9EM68d8olYEPmMss8Rs77RNOl2qj6tE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-client-country: DE
cf-ray: 7de26bdd59de9bfb-FRA

GET
H2 200 474157827044493 Show response
connect.facebook.net/signals/config/ 535 KB
167 KB 80ms
80ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/474157827044493?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a3b3a03a2ce672a6e88b12f81bd91f2b2c93f1500d78936bd3fd9242fe0fbec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Jun 2023 02:15:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: VvS4Ms0HOyt05HuBrJ3AZXrSHQKs7dYHeGKoWfmv3RdNiQUhBlQn15d5wMFYw2eOKp3P26I1YIEl3MrLuRRYzg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10884245320/ 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10884245320/?random=1687918519924&cv=11&fst=1687918519924&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&hn=www.googleadservices.com&frm=0&tiba=Get%20a%20Daily%20Horoscope&auid=1999241265.1687918520&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10884245320

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d539e3e6aeda66df6f54f5d2fb91cbc58755bf771081f391fbbf34cf8eb8c9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 02:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1361
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
352 B 69ms
30ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-71855460-13&cid=1743638428.1687918519&jid=305955157&gjid=1156351299&_gid=2010212518.1687918520&_u=YAhAAAAACAAAACACAAB~&z=38220201

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Jun 2023 02:15:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.on-the-fly-news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CF83 0
0 51ms
50ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230620&jk=34260552706451&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 6689 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 09:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 09:35:57 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10884245320/ 42 B
327 B 29ms
28ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10884245320/?random=1687918519924&cv=11&fst=1687917600000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&frm=0&tiba=Get%20a%20Daily%20Horoscope&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2216065735&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 02:15:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10884245320/ 42 B
455 B 87ms
25ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10884245320/?random=1687918519924&cv=11&fst=1687917600000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&frm=0&tiba=Get%20a%20Daily%20Horoscope&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2216065735&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 02:15:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK events Show response
ekscapib.voltaxservices.io/ 0
215 B 499ms
114ms XHR
text/plain 2600:1f16:671:7f02:956b:c24d:3b6:fad
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekscapib.voltaxservices.io/events
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/474157827044493?v=2.9.109&r=stable
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:671:7f02:956b:c24d:3b6:fad Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.on-the-fly-news.com
Date: Wed, 28 Jun 2023 02:15:20 GMT
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0
vary: origin

GET
H3 200 239884750603704 Show response
connect.facebook.net/signals/config/ 535 KB
166 KB 546ms
546ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/239884750603704?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

837028663e70e45ab52362162af95779f243bf9c1160acb46cfc1c6526bc29a1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Jun 2023 02:15:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: lDIgdVxUjWFc/hKF6hgs3yEC6ShxRPHi3RkFTY5BA3n00pc3LCYBPeQJ3sLUv7eYykrbgkCcXowmtM38pYJGuw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 47ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=474157827044493&ev=PageView&dl=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&rl=&if=false&ts=1687918520163&sw=1600&sh=1200&ud[external_id]=5798a8f988b0881bf280851a99686584b1074c9cc2f69ac3a36611f7652e2d36&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687918520156.1514600506&eid=ob3_plugin-set_646560256d70d7df451c8bf5cea3a72056d2636b9bd49c382db3296c02a4e9d7&it=1687918519907&coo=false&exp=c0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Jun 2023 02:15:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/ 155 KB
52 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecffde3f37d5a42e51c44ccbdd408083a57c22711f1605290a835894e358d9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53700
x-xss-protection: 0
server: cafe
etag: 9388163361663986440
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 02:15:20 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6689 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AvN9sA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 23ms
23ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.on-the-fly-news.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/ Frame F76F 10 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 23:38:59 GMT
etag: 15057649708203361565
expires: Tue, 11 Jul 2023 23:38:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F76F 4 KB
873 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Jun 2023 02:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 01:08:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jun 2023 02:15:20 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F76F 205 B
650 B 63ms
14ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 04:20:39 GMT
x-content-type-options: nosniff
age: 78881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 21:28:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Jun 2024 04:20:39 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F76F 604 B
695 B 64ms
14ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 11:04:38 GMT
x-content-type-options: nosniff
age: 54642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 21:28:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Jun 2024 11:04:38 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame F76F 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d5df165f9cd33cbc15eef8425d410408e4cb6d7791cbcdf678f6a0b05ee6b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9401
x-xss-protection: 0
server: cafe
etag: 9087801343750428007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 19:23:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F76F 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rsra&context=grsl&params=0-%26adk%3D1812271808%26client%3Dca-pub-2910351605291781%26fa%3D8%26ifi%3D3%26uci%3Da!3%26xpc%3DRXyby6N83h%26p%3Dhttps%3A%2F%2Fwww.on-the-fly-news.com

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 02:15:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E34A 6 KB
706 B 26ms
26ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Jun 2023 02:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 00:46:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jun 2023 02:15:20 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame E34A 2 KB
892 B 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 19:11:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame E34A 22 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 17:03:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame E34A 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 10:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 10:45:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame E34A 19 KB
8 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 19:11:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E34A 179 KB
57 KB 93ms
27ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 02:15:20 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame E34A 33 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 865B 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: www.on-the-fly-news.com
URL: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 09:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 09:35:57 GMT

POST
H/1.1 200
OK events Show response
ekscapib.voltaxservices.io/ 0
215 B 114ms
114ms XHR
text/plain 2600:1f16:671:7f02:956b:c24d:3b6:fad
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekscapib.voltaxservices.io/events
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/474157827044493?v=2.9.109&r=stable
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:671:7f02:956b:c24d:3b6:fad Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.on-the-fly-news.com
Date: Wed, 28 Jun 2023 02:15:20 GMT
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0
vary: origin

GET
H3 200 920690322416875 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 68ms
67ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/920690322416875?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b94bbee124c70b9e5d3120ae6e9498c73fd7a2a98c51333c57ac30346af5dd92

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Jun 2023 02:15:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 62ihuPLljpdxAJ4OH+PvdmoGnyPKMwVT4HoRbdV4Ba27MIGoPMY0yFHzrvNfzmcESa70Z2UO7Ay0a6I5uXsGiA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=239884750603704&ev=PageView&dl=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&rl=&if=false&ts=1687918520760&sw=1600&sh=1200&ud[external_id]=5798a8f988b0881bf280851a99686584b1074c9cc2f69ac3a36611f7652e2d36&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687918520156.1514600506&eid=ob3_plugin-set_ee78ca66c20c37fb1f6dae883c75cc4f3a6e912c8b94a99ad76ffbfad71ac8d5&it=1687918519907&coo=false&exp=c2&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Jun 2023 02:15:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=920690322416875&ev=PageView&dl=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&rl=&if=false&ts=1687918520843&sw=1600&sh=1200&ud[external_id]=5798a8f988b0881bf280851a99686584b1074c9cc2f69ac3a36611f7652e2d36&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687918520156.1514600506&it=1687918519907&coo=false&exp=c2&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Jun 2023 02:15:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=474157827044493&ev=Microdata&dl=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&rl=&if=false&ts=1687918520844&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20a%20Daily%20Horoscope%22%2C%22meta%3Adescription%22%3A%22Zodiac%20Sign%20Horoscope%20%7C%20Personalized%20Daily%20Horoscope%20By%20thrillly.com%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atitle%22%3A%22Get%20a%20Daily%20Horoscope%22%2C%22og%3Adescription%22%3A%22Zodiac%20Sign%20Horoscope%20%7C%20Personalized%20Daily%20Horoscope%20By%20thrillly.com%22%2C%22og%3Asite_name%22%3A%22https%3A%2F%2Fwww.on-the-fly-news.com%2F%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=5798a8f988b0881bf280851a99686584b1074c9cc2f69ac3a36611f7652e2d36&v=2.9.109&r=stable&ec=1&o=30&fbp=fb.1.1687918520156.1514600506&eid=ob3_plugin-set_5b9d555b926686663fd4fb291eeeeabd04de9484659e4fa759807bee09c165a8&it=1687918519907&coo=false&es=automatic&tm=3&exp=c2&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Jun 2023 02:15:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230620&jk=34260552706451&bg=!U1ClUATNAAYQ3eRoMN07ADkAdvg8Wl1DrSyEm-PuxrS7ufavCk4jlxXzxgNygwrNBQ8ra8ZDs7ITmdCOs512kt7C6_Ut4iOpQH0CAAABflIAAAADaAEHCgClP1i_tR4S9_5T4T2adbqWS9G23IDc3FjhoWte5tnlQURqubZzrMUSUxzbYIQln1gQFBKHfY7la1j2GPccw7zF3WOlRHDxSUt_rAdpj-ezWbxT8F04CKuID7NGFm333r8rPmV73Vl4azHYGw3uKeJ7aKLtKcnCH5z-GARhiO646dDXSbT47wJX8dFakZbk9mq1LxlgzGWYOnzGlxVZo5Vih339jBDemQKpH45YHZL8gi5s_PjQ4Zx-jRcXy730-vJ3nbphdBIwGEdjRGbnAyYclOz29nyIi8gWDGvRr7qv1tsH6EOPt9gLPkd7duRpDFJtzVwUeizZqdqvJblMj5Mr9c906eNJrY0ZsLJF8M1Gaz3ENXYoj_UeCXi2d_IttPklMjOd4XHyipRnns3Kzawe9YAnOr1bUoBkELHFI8XPgntAXDoUyz0qsd27NUBE1w4S99CxChSH_h9_zTUWnRC6sEQmPS5GdD-RtjTJ3s6t2eihqS5sSRSxnjLiGUFex8f9YxqK23NbCp13bArSd00i7w6Qo3YTF07GAME7alwMg20SxZuDXqAJhU8JuTwkyxlUxzet_4rBjd5kzPgJTwWg37DEYFz6_3fq_Uhs8dDNupdaRXcchk9klmVpcPX-WTvc4h3n9tRbO6TWKVNs610sSdzYMBo-sJOUQNBZPCZI2Hvqv26y39IIph5noPbKvto0v8CARbEKBzwHnbbN7AFkmv0-yDLgWz9D6zTB-rlwjXcKwtlCozReQO7bP85Jn50Y7tjy-AXPzdDA32VnjR9lLATJQ_1xKB8mcEFopTzSEq2uic56ZgrClJtUVgmOt7imI8nXIaqOelLzFtNc4OLogKWzCrGa_L3Lhg9qcwTACodg0UbbPLWXCjuN5KXWzxJ78x5Y4irjtYUBbncTllgam-cCYLSd2d3J7MgkZiKPHU5-fZlBDXCaJjQG3tNDhQ6hGKKB9wOXiAMl_402YQK6KgTld2PNy7WxaBV6LLisgUdsNyEmvLq1-_H-3EC_Xbto-fvBRjDXEfpTA2cwDYb3LO9kaOj662mR0fhdQthRc6Ja5FGj2PRiSY-9DxYdzgg4ocRgmNfQYLk7I-oQAgWoWqGFVctyiO0xtrcTg17gnxqb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=239884750603704&ev=Microdata&dl=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&rl=&if=false&ts=1687918521262&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20a%20Daily%20Horoscope%22%2C%22meta%3Adescription%22%3A%22Zodiac%20Sign%20Horoscope%20%7C%20Personalized%20Daily%20Horoscope%20By%20thrillly.com%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atitle%22%3A%22Get%20a%20Daily%20Horoscope%22%2C%22og%3Adescription%22%3A%22Zodiac%20Sign%20Horoscope%20%7C%20Personalized%20Daily%20Horoscope%20By%20thrillly.com%22%2C%22og%3Asite_name%22%3A%22https%3A%2F%2Fwww.on-the-fly-news.com%2F%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=5798a8f988b0881bf280851a99686584b1074c9cc2f69ac3a36611f7652e2d36&v=2.9.109&r=stable&ec=1&o=30&fbp=fb.1.1687918520156.1514600506&eid=ob3_plugin-set_f2f3c0fa6fdb5132dd837c6eda1059824451686c4d7c0b5ab669b765412d43b2&it=1687918519907&coo=false&es=automatic&tm=3&exp=c2&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Jun 2023 02:15:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=920690322416875&ev=Microdata&dl=https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook&rl=&if=false&ts=1687918521345&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20a%20Daily%20Horoscope%22%2C%22meta%3Adescription%22%3A%22Zodiac%20Sign%20Horoscope%20%7C%20Personalized%20Daily%20Horoscope%20By%20thrillly.com%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atitle%22%3A%22Get%20a%20Daily%20Horoscope%22%2C%22og%3Adescription%22%3A%22Zodiac%20Sign%20Horoscope%20%7C%20Personalized%20Daily%20Horoscope%20By%20thrillly.com%22%2C%22og%3Asite_name%22%3A%22https%3A%2F%2Fwww.on-the-fly-news.com%2F%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.on-the-fly-news.com%2Fua%2Fthrillly-astrology%2F%3Futm_source%3Dfacebook%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=5798a8f988b0881bf280851a99686584b1074c9cc2f69ac3a36611f7652e2d36&v=2.9.109&r=stable&ec=1&o=30&fbp=fb.1.1687918520156.1514600506&it=1687918519907&coo=false&es=automatic&tm=3&exp=c2&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.on-the-fly-news.com/ua/thrillly-astrology/?utm_source=facebook
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Jun 2023 02:15:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.on-the-fly-news.com/ua/thrillly-astrology	1970-01-20 13:02:03	Name: cityCode Value: NA
www.on-the-fly-news.com/ua/thrillly-astrology	1970-01-20 13:02:03	Name: countryCode Value: DE
www.on-the-fly-news.com/ua/thrillly-astrology	1970-01-20 13:02:03	Name: stateCode Value: NA
www.on-the-fly-news.com/	1969-12-31 23:59:59	Name: mm-experiments-interval Value: 38
www.on-the-fly-news.com/	1969-12-31 23:59:59	Name: mm-session-id Value: tI0xniTKKeEoqvrX
.on-the-fly-news.com/	1970-01-20 12:52:00	Name: _funnel_thrillly-astrology Value: "ua_trl_otf_thrillly-astrology_no-mp_1"
.on-the-fly-news.com/	1970-01-20 12:52:00	Name: _wzguid Value: "wz9a76be9b560a266e4101b3dd6c1064e1"
.on-the-fly-news.com/	1970-01-20 22:13:34	Name: __gads Value: ID=5e575e880161b6b1-22895e60fee100cf:T=1687918519:RT=1687918519:S=ALNI_MahcIKm7rIn9DlWITYW5ppgKnIZYA
.on-the-fly-news.com/	1970-01-20 22:13:34	Name: __gpi Value: UID=00000c772d24936c:T=1687918519:RT=1687918519:S=ALNI_MaCyQXEg8mHj_9uLruvcO3SWc81iQ
.on-the-fly-news.com/	1970-01-20 12:52:00	Name: WzUPV_ua_trl_otf_thrillly-astrology_no-mp_1_1 Value: done
.on-the-fly-news.com/	1970-01-20 22:27:58	Name: _ga Value: GA1.2.1743638428.1687918519
.on-the-fly-news.com/	1970-01-20 12:53:24	Name: _gid Value: GA1.2.2010212518.1687918520
.on-the-fly-news.com/	1970-01-20 12:51:58	Name: _gat_gaWz2 Value: 1
.on-the-fly-news.com/	1970-01-20 15:01:34	Name: _gcl_au Value: 1.1.1999241265.1687918520
.doubleclick.net/	1970-01-20 22:13:34	Name: IDE Value: AHWqTUlXuBe_Obotf39ssmkzxiiVXTkifphWT3v0A4JUlbI2ChXvrVIoaZbY2y7u
.doubleclick.net/	1970-01-20 12:51:59	Name: test_cookie Value: CheckForPermission
.on-the-fly-news.com/	1970-01-20 15:01:34	Name: _fbp Value: fb.1.1687918520156.1514600506

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://cdn.equalweb.com/core/4.0.4/accessibility.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://googleads.g.doubleclick.net') does not match the recipient window's origin ('https://www.on-the-fly-news.com').
security	error	URL: https://cdn.equalweb.com/core/4.0.4/accessibility.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.google.com') does not match the recipient window's origin ('https://www.on-the-fly-news.com').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
bqstreamer.com
cdn.equalweb.com
cdn.mmctsvc.com
cdn.wazimo.com
connect.facebook.net
content.wazimo.com
ekscapib.voltaxservices.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
media.wazimo.com
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.on-the-fly-news.com
2600:1f16:671:7f02:956b:c24d:3b6:fad
2600:9000:20eb:5600:19:4ac0:c3c0:93a1
2600:9000:21f3:1a00:f:8f3b:1200:93a1
2606:4700:20::681a:550
2606:4700:20::681a:d5f
2606:4700:20::ac43:4728
2a00:1450:4001:801::2008
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
0053391d438be682332232d443566ccc6bfeee47ffb5eca9fcd8708b3530de44
0449230bd6c24c21d1ca7b5f1d507a5093c597136a2c8ceeb1f2f953f5fb2efe
1235d9e8490ebf893a312343d907210fd5211097cb29a682e80986d80c2f1b63
162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a
21e7771095cc044ca71b31b97df1407630ceaf405630d6c7e8e01d65fb22efdf
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d5df165f9cd33cbc15eef8425d410408e4cb6d7791cbcdf678f6a0b05ee6b69
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36ea273138b793477fef7ab102c5d882f9329660f70df5d5ad43f30f0edd7026
37b3e225df47f607cf27aa8c41d2fe74226c145a64d50876c3bb66e869cef5ba
3a3b3a03a2ce672a6e88b12f81bd91f2b2c93f1500d78936bd3fd9242fe0fbec
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
4470310cfd1483f31c3c52cd8d90c7eafc0d2f7038ace724260d5df879232b75
447e3155b921753c3dcd02ade048f4ac1cde8969da0c11385afce128e5f5f0e9
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
490892f7d0203b5ecdd81f3e7814fe4304104c45d88ed5d085fd06f609bfb333
4aa39fbfbe348042de24e37332c2721d20ac03263bbdface1e582193ba871198
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
540833d3477dbdd8bb1d2dc87e55788106f77a3b076139fae4afa792e1383592
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d06229513242364f9d7ce53c96660df919345b518c7922691ea77d78dcbdf3a
5fadd6574dc235c2271ea2d8236c1528c9243dfd83535d651aede4927aca6aa4
5fe2ca9860b9f15fe5dc2b6ed12b6a693ec0665ab9444d418ed8abdcff667eb7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b73da7760660bbbe9cd638b7d4fce46e704e43ef151b6f5f5e159b843c6d240
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f129c3a54437edae56e4467b6e1d69a80e04ca3b194314cefec2d3b135af13b
6f972e19ccc7f422d0b6a3e6aded6aeee03dd353d115ef3284cbf16bdeac93eb
7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837028663e70e45ab52362162af95779f243bf9c1160acb46cfc1c6526bc29a1
8a59881aae83948c79aad351b6c2b206f08360449c9a47e725f4523b57c5d5e4
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
90481b5b3a6d78cf4baeccd0bdbcafbcb5dd373def38d8588dc3c8911e262791
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9c181daf2e151482b371837d9cec0193b1bf6f54a74c96647b94c3eb31ba6f1d
a1b3b324e5b21ded83a468545365cfc8b3add92f3a1a7c0e382b89c3f3a7fc46
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73524b5e73f216886cd42d2ab97986493bf29bf43c9b0327c4b69e059a9d63c
aa211acd4fb3d8eddd9333a4090437728df56561bda1c0569e351c01c77ca0c2
ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae
ab9fed18ea89bed5c9b82cbe4225299446226430897164b99d79eecf28797694
abf501522b9a05cf5684889374ba23e0fed1997cabe9ef17ab3720c70750ed6c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b35201dd0c895aad29cfc66f97866401aa11938f21087fb817383de879b7778b
b4c0d0adb71fab4dad5a8035ac1d393337a373930f50c2a484f6be7c6511d09a
b5d51bb19a5e5f29dc5a8214e62696f68893b03ba1f6f0f6d2b9796630962aad
b94bbee124c70b9e5d3120ae6e9498c73fd7a2a98c51333c57ac30346af5dd92
bed8798cb39cfdf5ca589e640464512ced62b055eb3489482f62541b1c5f089f
cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c
d10c86b73511a36879fe2231f8139eecdb0a2a91e7b26ded1eeb8207ea96aaaf
d4a3211ff3d19e9c73d0d75d567c1fe07cea6f7055140ef77d25bf326b0831e1
d539e3e6aeda66df6f54f5d2fb91cbc58755bf771081f391fbbf34cf8eb8c9b5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41feb3a1c32f505024a176a26e9b3e2273ed10c2eea2b931d6dd7d1a64c31bd
eac3fe7e64a97fa0da3ae72cc050144ed6da30c3e01b13ffd9ce7c9b48df18be
eb08924a68d46adc8db57ae4eb47b154ca5fb0b03210f8b906cf983a60db0e5c
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ebfdc6673d4113b52743b45129d7edfdde042d862eccab5aebb552421c732f00
ecffde3f37d5a42e51c44ccbdd408083a57c22711f1605290a835894e358d9da
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39670418fba7e8f9e752d97825d555497b07702c681869dce3a954c4e820582
f6fa1a05caa4dadfda4d9b91df25437c64d3d7a8a1f28837acc31c212c051369
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.on-the-fly-news.com Open in urlscan Pro 2600:9000:21f3:1a00:f:8f3b:1200:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

88 Requests

100 %HTTPS

100 %IPv6

18 Domains

25 Subdomains

21 IPs

3 Countries

1584 kBTransfer

4535 kBSize

17 Cookies

0 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.on-the-fly-news.com Open in urlscan Pro
2600:9000:21f3:1a00:f:8f3b:1200:93a1 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

100 %
HTTPS

100 %
IPv6

18
Domains

25
Subdomains

21
IPs

3
Countries

1584 kB
Transfer

4535 kB
Size

17
Cookies

88 HTTP transactions
0 data transactions