all-news.co Open in urlscan Pro
2606:4700:3030::6815:36b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://alerts.trycake.com/ls/click?upn=cJwyxPgqF1IQ7mU-2FDUf0Q09fu9pSL0KeS0f9DdBamfXUUXEItAzbzlGUGg4UuahNuxBLDinj5vpaYlOnh...
Effective URL:
https://all-news.co/
Submission: On October 23 via api (October 23rd 2021, 10:10:22 pm UTC) from BE — Scanned from DE

Summary HTTP 172 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 36 IPs in 9 countries across 32 domains to perform 172 HTTP transactions. The main IP is 2606:4700:3030::6815:36b, located in United States and belongs to CLOUDFLARENET, US. The main domain is all-news.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 2nd 2020. Valid for: a year.

This is the only time all-news.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.83 167.89.118.83	11377 (SENDGRID) (SENDGRID)
1 1	199.217.115.48 199.217.115.48	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
1 27	2606:4700:303... 2606:4700:3030::6815:36b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
3	185.29.132.246 185.29.132.246	30419 (MEDIAMATH...) (MEDIAMATH-INC)
23	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
4	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
3 4	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	18.66.97.126 18.66.97.126	16509 (AMAZON-02) (AMAZON-02)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
4	54.75.239.54 54.75.239.54	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
5	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2600:1f14:d24... 2600:1f14:d24:9302:439e:399b:f2d2:b482	16509 (AMAZON-02) (AMAZON-02)
1 1	217.182.200.20 217.182.200.20	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
1	35.187.117.15 35.187.117.15	15169 (GOOGLE) (GOOGLE)
172	36

1 167.89.118.83 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x83.outbound-mail.sendgrid.net

alerts.trycake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.217.115.48 (St Louis, United States) 1 redirects

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: eagle1093.startdedicated.net

mandiree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:3030::6815:36b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

all-news.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 136.243.149.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal900030.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.102 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.126 (United States)

ASN16509 (AMAZON-02, US)

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.75.239.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:d24:9302:439e:399b:f2d2:b482 (Boardman, United States)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.20 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.187.117.15 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 15.117.187.35.bc.googleusercontent.com

neso.r.niwepa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	493 KB
27	all-news.co 1 redirects all-news.co	1 MB
24	doubleclick.net 3 redirects googleads.g.doubleclick.net stats.g.doubleclick.net 5994599.fls.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	121 KB
14	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	135 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	193 KB
7	redintelligence.net hal9000.redintelligence.net hal900030.redintelligence.net	55 KB
7	google.com 1 redirects adservice.google.com www.google.com	2 KB
6	webgains.io analytics.webgains.io api.webgains.io	102 KB
6	googleapis.com fonts.googleapis.com	5 KB
5	googletagservices.com www.googletagservices.com	183 KB
5	onesignal.com cdn.onesignal.com onesignal.com	82 KB
4	webgains.com track.webgains.com	30 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	taboola.com cdn.taboola.com trc.taboola.com trc-events.taboola.com	27 KB
3	google.de adservice.google.de	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	762 B
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	awin1.com 1 redirects www.awin1.com	1 KB
2	medialead.de 2 redirects pv.medialead.de	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	niwepa.com neso.r.niwepa.com	463 B
1	congstar.de banner.congstar.de	518 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	338 B
1	innovid.com ag.innovid.com	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	quantserve.com cms.quantserve.com	463 B
1	ad-server.eu ad-server.eu	312 B
1	media01.eu pb.media01.eu	629 B
1	googleadservices.com partner.googleadservices.com	607 B
1	mandiree.com 1 redirects mandiree.com	292 B
1	trycake.com 1 redirects alerts.trycake.com	267 B
172	32

	Domain	Requested by
27	all-news.co	1 redirects all-news.co
23	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net all-news.co
12	pagead2.googlesyndication.com	all-news.co pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	fonts.gstatic.com	fonts.googleapis.com
6	assets.ad4m.at	as.ad4m.at
6	fonts.googleapis.com	all-news.co googleads.g.doubleclick.net hal900030.redintelligence.net tpc.googlesyndication.com
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	api.webgains.io	analytics.webgains.io
4	www.gstatic.com	googleads.g.doubleclick.net
4	track.webgains.com	all-news.co googleads.g.doubleclick.net as.ad4m.at
4	hal9000.redintelligence.net	all-news.co hal900030.redintelligence.net
4	adservice.google.com	pagead2.googlesyndication.com 5994599.fls.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	hal900030.redintelligence.net	hal9000.redintelligence.net hal900030.redintelligence.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	onesignal.com	cdn.onesignal.com
3	adservice.google.de	pagead2.googlesyndication.com
2	ad.doubleclick.net	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	trc-events.taboola.com	cdn.taboola.com
2	analytics.webgains.io	track.webgains.com
2	www.awin1.com	1 redirects googleads.g.doubleclick.net
2	5994599.fls.doubleclick.net	1 redirects all-news.co
2	pv.medialead.de	2 redirects
2	www.google-analytics.com	all-news.co www.google-analytics.com
2	cdn.onesignal.com	all-news.co cdn.onesignal.com
1	neso.r.niwepa.com	as.ad4m.at
1	banner.congstar.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	ad-server.eu	googleads.g.doubleclick.net
1	pb.media01.eu	hal900030.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	trc.taboola.com	cdn.taboola.com
1	cdn.taboola.com	all-news.co
1	mandiree.com	1 redirects
1	alerts.trycake.com	1 redirects
172	48

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-02` - `2021-12-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
ad-server.eu R3	`2021-10-16` - `2022-01-14`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh
*.r.niwepa.com AlphaSSL CA - SHA256 - G2	`2021-03-15` - `2022-04-16`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://all-news.co/
Frame ID: A3A5414B098AF49C8BE5D2F1787A3E16
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Frame ID: 6989EA83B19BED051FDE39ED22602E95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1635027015&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015127&bpp=9&bdt=447&idt=256&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2228304315012&frm=20&pv=2&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=273
Frame ID: 9C825EF748D278C258495068BB2B6311
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&slotname=7254349154&adk=2672234074&adf=793176254&pi=t.ma~as.7254349154&w=728&lmt=1635027015&psa=0&format=728x90&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015136&bpp=35&bdt=457&idt=280&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w4yWCB4CrL&p=https%3A//all-news.co&dtd=285
Frame ID: 7B7237BE9B09C918EB34B0251447D250
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=2461821938&adk=1180885167&adf=392215149&pi=t.ma~as.2461821938&w=300&lmt=1635027015&psa=0&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015313&bpp=1&bdt=634&idt=111&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=5VlZUD2LYe&p=https%3A//all-news.co&dtd=119
Frame ID: 7BAF0B65BAD98B5F26968334BBF78D12
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=7413576341&adk=211485506&adf=1725765199&pi=t.ma~as.7413576341&w=300&lmt=1635027015&psa=0&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015345&bpp=22&bdt=666&idt=106&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=1430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=p6gnzr0bpK&p=https%3A//all-news.co&dtd=109
Frame ID: 48489D73F108B27B78C340CD1EC55BDC
Requests: 18 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85910500000834700951393011757030&actionid=731824&produktid=businessgiro&dt_url=
Frame ID: 7A58BBCDBEC655946AEEA19DA1263E4D
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHn8aPG4fMCFYwr0wod13MMLw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4944725690724.489
Frame ID: B8F8CBF715A348E529A546149EE70213
Requests: 2 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=85910500000834700951393011757030&a=695bf0e0
Frame ID: 7A3CCF85C0266D9B962BB474B6BA1701
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Frame ID: 407BF1ACE1563F92D6BCB20255FDAD3C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Frame ID: D14D0151103B65C85A09953108FD6653
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/index.html
Frame ID: 991DC07DD97CF967A2008C55537F9D2C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C7C7641EB355589B78258162DB2C93A3
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: F072768812BFA27501A12365983101F6
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Frame ID: F5613149FE36643C8FBD5F5AA1CF1303
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6917536991&adk=3184593537&adf=3675353251&pi=t.ma~as.6917536991&w=300&lmt=1635027017&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027017070&bpp=2&bdt=2390&idt=2&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3c2c9eecc32c255-2255c651ffca000e%3AT%3D1635027015%3ART%3D1635027015%3AS%3DALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C1600x1200%2C1005x124&nras=3&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=4296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&psts=AGkb-H_GgfpCSr1MfkUIbtBuTS7BGdXHtMToHS6sqAgSKThqWhW3JOUxGZ0ZLrWdInHWholcffNhTRLoBgGZTA%2CAGkb-H-9Ov92oCtLzn2ZZak9Z9jdgyXsSvwCSL-29P2A4qEkg5TPki_XSi75fBxSkW2_OLdh2XkV8rQrEpy-qUQK5azWzCI2znI6I7Q8KlQ%2CAGkb-H9_4R9KUl34A_b52Y-QK_XV57QE_Ic_yqZbQkU5ibQOnytiIfvRDmDDohIcg-cKF4UkeDvhRiEFNA&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=xxj7uQMSLR&p=https%3A//all-news.co&dtd=7
Frame ID: F1089FC8AAAE8C60F18FF2BD2E3105B9
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Frame ID: 539DEA6D502CA6A73614040AD6842FC3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 92012A67AA6E2E88D6B91FEBB15D470C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F4210A0CA8C82B0F9CDE6439C5C7061
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gtfszakm9cggf5sz44djsaxqhafy13rn2ammd1dgnj00wr1sw32zdqg8v90s7skrrgtm20ydragnc198nzp75bbmqnn99fv5qwdw1jmckx46vxg6ke8bppxfkm41wnz5m3079vy7rgmn43a52yb6r5sxg4a0mb7cacxtf768ah620atxvdxdgcvn52p3de3ws7jepsap5vyvxxnd3yzc6skabzhb4sqwrkqvd7zh27n38cbqdm5ev0c45bh4mpg4sjeed56dfccy787grg3b4x83ybrdba6eptyg1bynr544qcmjskwf374h7946rtp4kgrb8jprbyhkynmzd81ce7dz4drckpygcbbdrcjq2zepcpf64vk20hr2ft4ct3c45b9549asfkp0zsp9pgb305nj4k9cd52xx3dz54ah3xqpbd45b8rj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%26client%3Dca-pub-8439024877331049%26adurl%3D
Frame ID: 581E334D8A9C50A89D3BA4C89B5236CB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CEC28C76DB067BCE08C5C317E1667102
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: ED106B7ADF7DBC1CDF58C53AD9029DF6
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Frame ID: C0213F1D1AEBC7AE080C0A7852BE931D
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - all-news

Page URL History Show full URLs

http://alerts.trycake.com/ls/click?upn=cJwyxPgqF1IQ7mU-2FDUf0Q09fu9pSL0KeS0f9DdBamfXUUXEItAzbzlGUGg4Uu... HTTP 302
http://mandiree.com/?Z289MSZzMT0xMjI0OTYzJnMyPTU0MDY2NSZzMz1GUg== HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

172
Requests

99 %
HTTPS

43 %
IPv6

32
Domains

48
Subdomains

36
IPs

9
Countries

2954 kB
Transfer

6360 kB
Size

27
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/AllNews25193679

Search URL Search Domain Scan URL

URL: https://www.facebook.com/https://www.facebook.com/all-newsco-638489289927131
Title: Like

Search URL Search Domain Scan URL

URL: https://instagram.com/https://instagram.com
Title: Follow

Search URL Search Domain Scan URL

URL: https://twitter.com/https://twitter.com/AllNews25193679
Title: Follow

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://alerts.trycake.com/ls/click?upn=cJwyxPgqF1IQ7mU-2FDUf0Q09fu9pSL0KeS0f9DdBamfXUUXEItAzbzlGUGg4UuahNuxBLDinj5vpaYlOnhZkPb3zM-2FbYDQNbE-2BVWW938PJP4-3D-qfK_DWPw47MwCNpjUCBldA3c9x8VjwnVVxmDqUBdlSrv6yHsgo9kbaUJFT3E0q1IXgj8qsRRlma2Vw5fgDG7OWanzHMDwq-2B72YWF3Cuhz-2ButWT1FMP6k8OVqMmPwAEGg9r687kDIx2B631umoROTTLQGIyre1nPZBgSNrB3loFyiBp9AkbvLK8dLhcccnTbDvbO2IBOcovbN2aRZwW5abaEYpw-3D-3D HTTP 302
http://mandiree.com/?Z289MSZzMT0xMjI0OTYzJnMyPTU0MDY2NSZzMz1GUg== HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=85910500000834700951393011757030&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85910500000834700951393011757030&actionid=731824&produktid=businessgiro&dt_url=

Request Chain 59

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4944725690724.489 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHn8aPG4fMCFYwr0wod13MMLw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4944725690724.489

Request Chain 61

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=85910500000834700951393011757030 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 144

https://rtb.openx.net/sync/dds?google_gid=CAESEGjfqxwSjeSjZP4RP0-Pb1w&google_cver=1&google_push=AYg5qPKemv89ymCP9C4kyaXgvOkj-GXLBSzrUt3YWisxBHqn4vjoYD76JiwuhbN_cfpgjAxFxf9s1NmvMsg1gWkkxtrz2PrCQna9 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEGjfqxwSjeSjZP4RP0-Pb1w&google_cver=1&google_push=AYg5qPKemv89ymCP9C4kyaXgvOkj-GXLBSzrUt3YWisxBHqn4vjoYD76JiwuhbN_cfpgjAxFxf9s1NmvMsg1gWkkxtrz2PrCQna9&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKemv89ymCP9C4kyaXgvOkj-GXLBSzrUt3YWisxBHqn4vjoYD76JiwuhbN_cfpgjAxFxf9s1NmvMsg1gWkkxtrz2PrCQna9&google_hm=QkiL-XSfzzQBTUj9a2USEg==

Request Chain 145

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBztbhiqsztJ9twV7NmNIcs&google_cver=1&google_push=AYg5qPJ3UvQvL7f_FpCl8fTcf5-2Mv3mEPK_rIsPsYKozKZ3YXU8vW4Itb4BWPQ9pH_zQnlLi9dXrvv5MWDEKW0frDn4DNe19oww HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBztbhiqsztJ9twV7NmNIcs&google_cver=1&google_push=AYg5qPJ3UvQvL7f_FpCl8fTcf5-2Mv3mEPK_rIsPsYKozKZ3YXU8vW4Itb4BWPQ9pH_zQnlLi9dXrvv5MWDEKW0frDn4DNe19oww&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ng99QjDCTDexqS8Ivqhdog%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ3UvQvL7f_FpCl8fTcf5-2Mv3mEPK_rIsPsYKozKZ3YXU8vW4Itb4BWPQ9pH_zQnlLi9dXrvv5MWDEKW0frDn4DNe19oww

Request Chain 146

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENWEk7Q4o_Q0aMsAmdZ3rRY&google_cver=1&google_push=AYg5qPIYdIbPK54FMvcVCnvYuFN2Rj3y0IMFVTKDCd-65o3sta0DzsPTvnEMOA5eCrI7fXa24j-OSGzxm9u5-mUu1xeW_eO4UKbd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0Q1ZDWTMtOC1HNFpR&google_push=AYg5qPIYdIbPK54FMvcVCnvYuFN2Rj3y0IMFVTKDCd-65o3sta0DzsPTvnEMOA5eCrI7fXa24j-OSGzxm9u5-mUu1xeW_eO4UKbd

Request Chain 147

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECWf3zldIXGVM9C2esYDVrw&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw

Request Chain 149

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPHpXbO_9JrMvEPNo4uldyE&google_cver=1&google_push=AYg5qPKfJz9oNGGsY_8Za3n-s8lLFULFV-AzguzQjQk4Vne7qW9ulSCVjRJa-eR5lnPFTeY_oOE2tkn9pv091tVDkYV7sd78GLvOEQ HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKfJz9oNGGsY_8Za3n-s8lLFULFV-AzguzQjQk4Vne7qW9ulSCVjRJa-eR5lnPFTeY_oOE2tkn9pv091tVDkYV7sd78GLvOEQ&google_hm=

Request Chain 166

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidm97952zIPQKk-w8ej53P1GBXPEzbX1CWasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJiOiqXG4fMCFU6L_QcdKwcBEw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidm97952zIPQKk-w8ej53P1GBXPEzbX1CWasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidm97952zIPQKk-w8ej53P1GBXPEzbX1CWasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635027018_01e60cf1-344e-11ec-b9be-2230dce87953

172 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
all-news.co/
Redirect Chain

http://alerts.trycake.com/ls/click?upn=cJwyxPgqF1IQ7mU-2FDUf0Q09fu9pSL0KeS0f9DdBamfXUUXEItAzbzlGUGg4UuahNuxBLDinj5vpaYlOnhZkPb3zM-2FbYDQNbE-2BVWW938PJP4-3D-qfK_DWPw47MwCNpjUCBldA3c9x8VjwnVVxmDqUBdl...
http://mandiree.com/?Z289MSZzMT0xMjI0OTYzJnMyPTU0MDY2NSZzMz1GUg==
http://all-news.co/
https://all-news.co/

222 KB
30 KB

2834ms
2790ms

Document
text/html

2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.25
Resource Hash: e429a8b491b11fd892c79de131688c7500b099f0e5f185fa6127a7089aa66659

Request headers

:method: GET
:authority: all-news.co
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 23 Oct 2021 22:10:14 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.25
cf-edge-cache: cache,platform=wordpress
link: <https://all-news.co/wp-json/>; rel="https://api.w.org/" <https://all-news.co/wp-json/wp/v2/pages/1027>; rel="alternate"; type="application/json" <https://all-news.co/>; rel=shortlink
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Qt3CLYRBfibE61o7rbQ%2FD5oOlhLO0A%2FDzUZg0Rh8PUIH8ZzHbwI4GlTSzn4tAIxu2FWiDJWLSZdpzyI%2FzEFYg4NAzuZ0eiPY06QE%2FWXCbmsTr3PNZL7HuYXeYG377er5bJtfUToYF4NKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2e4b47785f5a19-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 23 Oct 2021 22:10:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 23 Oct 2021 23:10:11 GMT
Location: https://all-news.co/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3P20TskZNJMTRa6Fhqz1HZcUsBdctwMI%2FC45Ldz%2BXh%2FikxJt7oo4R0JXpxpwGTvf134O6s7YUYRPKtXPE65LbFuxuLtMeexG6GODhmnf4K9uDCnh%2BN6Hlx8DAFdt9zU46wpbvHREH9Png%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6a2e4b46f9b3374b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 autoptimize_bb31286a4e92e4301213493eccdbb690.css
all-news.co/wp-content/cache/autoptimize/css/ 1018 KB
120 KB 220ms
219ms Stylesheet
text/css 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_bb31286a4e92e4301213493eccdbb690.css
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8bc06bf685ff85096bb0343b1e5ebc5915f3fb275c55557c61edaf70a2d7273

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_bb31286a4e92e4301213493eccdbb690.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 22:10:02 GMT
server: cloudflare
etag: W/"fe7e6-5cf0c63ad39e3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJkJhUGpH7r%2FzPoxm3vlgQLmQNm3QUkWB9JtwMUfgozOp8W6ApLAFE6fs3YLzVUa5E2ppOJQxTGiP%2FHx5CfgHHCv95hiufktdUoIHo8YFdvsf2MmBJF%2B50n%2F5vSZvG7CZGpTosnZYrviig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=30672000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a2e4b59e9155a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 13 Oct 2022 22:10:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 63ms
26ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.3.1

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bb7d0ec5d90e77802cecd8e3d55139b255a4f40637740ff52d3ec0beb77b69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 22:10:14 GMT
server: ESF
date: Sat, 23 Oct 2021 22:10:14 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 23 Oct 2021 22:10:14 GMT

GET
H2 200 jquery.min.js Show response
all-news.co/wp-includes/js/jquery/ 87 KB
32 KB 185ms
185ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 23 Jul 2021 22:16:13 GMT
server: cloudflare
etag: W/"15db1-5c7d1c05fb9c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9sae9BUxirOMXursxhUX%2FqnBEsXxKbt7w9bf4dUheyf8sQ56d9nTL%2Bmvvpor5ralemVlSHhLC8vEbAVpIDlGfDP1kFL%2BSQh7kbexiCsALzY6LKeOB3Gai360GnrajSPKVcb9ziGDpDhsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a2e4b59e9185a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 134ms
82ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fa19857f112444fab3aee642ca9a2abd06e4b77ba855ca528d1b6f371cd9f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 51008
x-xss-protection: 0
server: cafe
etag: 11314438003033086165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 22:10:15 GMT

GET
H2 200 ALLNEWS-logo-final.png
all-news.co/wp-content/uploads/2021/10/ 107 KB
108 KB 186ms
185ms Image
image/png 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/ALLNEWS-logo-final.png
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf

Request headers

:path: /wp-content/uploads/2021/10/ALLNEWS-logo-final.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
cf-cache-status: MISS
last-modified: Sun, 17 Oct 2021 14:21:22 GMT
server: cloudflare
etag: "1ada4-5ce8d248a819f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXUF72vyTXrgV%2FH%2BIQSNtDYJyXJ9CwoAuJYsqb%2B%2Bf3XUb%2Fsv%2Fij%2FucfGFdF7WoGCQ7u2uw4v%2FUiq0Nz8Nfwdz%2BRkdE3ai%2BsEX1CXfp41z1yZLlFDoRxu2RWrltLORAk9hOSDKH2LmL4aUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b5b5c8c5a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 109988

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 50ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

614a0c598ea4387213bafccbbb1c85c305de1198a9eb5f20cee82e41699b68e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 51073
x-xss-protection: 0
server: cafe
etag: 8000160024669272411
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 22:10:15 GMT

GET
H2 200 email-decode.min.js Show response
all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 21ms
21ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 12:26:29 GMT
server: cloudflare
etag: W/"616eb975-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOj3A5WhnLLeD6n9bgWlJPEFR7kn7Ng1QALUk29ZBQP37fIW8gOMlvJHQBUvNrwbCSqBsLy%2BZtXunx3QUTkD0QUgLW2PCFdsDCOt8CrAMyVHe0sAcP%2F1nVWxa9zzVCEAcFBqD7Thtqee3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a2e4b5b1c125a19-MXP
vary: Accept-Encoding
expires: Mon, 25 Oct 2021 22:10:14 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 48ms
26ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1717
etag: W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a2e4b5bcbf93248-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 26 Oct 2021 22:10:15 GMT

GET
H2 200 autoptimize_3b44beeb075ae422fc4835c20dad2b81.js Show response
all-news.co/wp-content/cache/autoptimize/js/ 360 KB
88 KB 202ms
202ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/cache/autoptimize/js/autoptimize_3b44beeb075ae422fc4835c20dad2b81.js
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69f2ee8d8b0644eb4f8903e31b82e334f001ce4f04bae012b170b19842523df0

Request headers

:path: /wp-content/cache/autoptimize/js/autoptimize_3b44beeb075ae422fc4835c20dad2b81.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Oct 2021 00:03:25 GMT
server: cloudflare
etag: W/"5a0c2-5ce81284bc2ed-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4NELNj0z88QyTY%2FxC%2BhUlvrXetRk7Aigg0MQRk7VRxIxZ5iIqeeBRHTjk8b8d%2FHPLSBqYLEv9ivXXYt6x%2Bprfb7O0bIUcLS3DKXGXEkEd7I0CrTjnh9P1Z2Ml50G999Z6Gc8OZDOuVi2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=30672000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a2e4b5bad275a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 13 Oct 2022 22:10:15 GMT

GET
H2 200 wp-emoji-release.min.js Show response
all-news.co/wp-includes/js/ 18 KB
5 KB 156ms
156ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 23 Jul 2021 22:16:13 GMT
server: cloudflare
etag: W/"4705-5c7d1c05fae0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myOV64TiGqlXbaVuCiEKdRbh%2FHDot5FfTG328OjDKHaPazxkGj4fV9epEk1EXk4B1HNEtMNe%2FdAeza6WQDbqEBZHumlSmcOFfpPV8R4ZwDzWQfcK52LnN8QX%2FMnMztsPaAS5DDY547v5Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a2e4b5bad2c5a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
14ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 581
date: Sat, 23 Oct 2021 22:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Sun, 24 Oct 2021 00:00:34 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1400286/ 74 KB
25 KB 34ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1400286/tfa.js
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b33c30209f395d4dcb125a7330d5e1cf513f50d6f8b35003de8c2c883c590dae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 3T9xwFwUPm3PWvp8xvl4SYcq11FqTsqT
content-encoding: gzip
etag: "1f7ff5078bbe1fe2ebe126bd1aed6f5b"
age: 4
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 24760
x-amz-id-2: JBIN/Ytzm+C2VWqBHx54O9MFW/Bj8iFzn2/FWZiw08Zk4Upp40qgCj5/rGq8kOXodZuB6xCHkEE=
x-served-by: cache-hhn4053-HHN
last-modified: Mon, 09 Aug 2021 10:24:56 GMT
server: AmazonS3
x-timer: S1635027015.008210,VS0,VE1
date: Sat, 23 Oct 2021 22:10:15 GMT
vary: Accept-Encoding
x-amz-request-id: 65BXB0Y5G4A4BREP
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 17
x-cache-hits: 1

GET
H2 200 mobile-bg.jpg
all-news.co/wp-content/uploads/2021/01/ 43 KB
43 KB 182ms
182ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/01/mobile-bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a

Request headers

:path: /wp-content/uploads/2021/01/mobile-bg.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
cf-cache-status: MISS
last-modified: Sat, 30 Jan 2021 22:15:34 GMT
server: cloudflare
etag: "ab47-5ba2575ae8adc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qq2rngTLGQ%2FzXH3gyJygWvMY9FjTBCWuakt1v91INZJW5J0WzCesvdDGFPBypPSWkfZKMwXcU974%2FU6x3sGi4VfeSCaGFMuCqkyrwO9zUqdqnRdouMSJjG3ThXJRh9ZG53h%2FMjJOxuPSuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b5bad315a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43847

GET
H2 200 newspaper.woff
all-news.co/wp-content/themes/Newspaper/images/icons/ 24 KB
17 KB 157ms
156ms Font
application/font-woff 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_bb31286a4e92e4301213493eccdbb690.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

:path: /wp-content/themes/Newspaper/images/icons/newspaper.woff?19
pragma: no-cache
origin: https://all-news.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: all-news.co
referer: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_bb31286a4e92e4301213493eccdbb690.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_bb31286a4e92e4301213493eccdbb690.css
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Oct 2021 15:00:03 GMT
server: cloudflare
etag: W/"6120-5cea1ccc04bf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKB6v9Qb5ae4vAbfIEpERAFMRhvwbPOPBi8aOZupz%2FxEFlV43aUDX9OpvRlNCX6yP085cQjtZ%2F5MEZBnd0ccuW3AWIscnrrY7FnJrxameAg5cZagvaalPP%2Bf3UPohAZYTCZ9Z09MR0rQJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a2e4b5bbd435a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 newspaper-icons.woff
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/ 6 KB
4 KB 143ms
143ms Font
application/font-woff 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_bb31286a4e92e4301213493eccdbb690.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
pragma: no-cache
origin: https://all-news.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: all-news.co
referer: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_bb31286a4e92e4301213493eccdbb690.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_bb31286a4e92e4301213493eccdbb690.css
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Oct 2021 15:00:09 GMT
server: cloudflare
etag: W/"1744-5cea1cd15a3df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzrkAiCt4i6BA0sCglE8EbbRIK26lLXpKMQWZiXyfiyXoj1yFBj7WGAwye%2BrudIHAZUbo3kSRpBuUmiRMUnurEhJ6FD66tR88u2QtXtgkuueQR9d4hL%2Bqr9CPKynTGtu%2BAkRNTxl5Jx8Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a2e4b5bbd445a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 72ms
30ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:26:14 GMT
x-content-type-options: nosniff
age: 186241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 18:26:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 51ms
17ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 01:55:14 GMT
x-content-type-options: nosniff
age: 159301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 01:55:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 62ms
36ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:40:20 GMT
x-content-type-options: nosniff
age: 242995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 02:40:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 45ms
26ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 279514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 16:31:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 36ms
24ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 02:46:35 GMT
x-content-type-options: nosniff
age: 156220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 02:46:35 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/ 271 KB
97 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&bust=31063229

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faded22a4d79b933c41a64e0e15d3322f80c33f098a8171fd8e25d3201a8349c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 99086
x-xss-protection: 0
server: cafe
etag: 10531528936388146151
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 22:10:15 GMT

GET
H2 200 5622-myanmar-decries-move-to-block-coup-leader-from-asean-summit-485x360.jpg
all-news.co/wp-content/uploads/2021/10/ 52 KB
53 KB 164ms
162ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5622-myanmar-decries-move-to-block-coup-leader-from-asean-summit-485x360.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a902e20c0afff7686010501ad87ebb78f46776c768938deedf2ba9c656763ef

Request headers

:path: /wp-content/uploads/2021/10/5622-myanmar-decries-move-to-block-coup-leader-from-asean-summit-485x360.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 20:48:28 GMT
server: cloudflare
etag: "d108-5cf0b3ffd0478"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNelLdksmZV7f27cd1Uo86tCKe2ef9gVLecAR%2BB1vlEltidkoXV8xsQWusWFLJd9f7ZACUu7KXC7p6LuzSkAbrcICPW6Xj2Nw3CeJ%2FPAuPnSnLcNoxqg2ESJbOqmZM3LpmRczjcVQZ4dFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b5cbf335a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53512

GET
H2 200 5624-us-says-it-killed-al-qaeda-leader-in-syria-with-drone-strike-485x360.png
all-news.co/wp-content/uploads/2021/10/ 77 KB
78 KB 1199ms
1197ms Image
image/png 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5624-us-says-it-killed-al-qaeda-leader-in-syria-with-drone-strike-485x360.png
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec7c35e0ec4c08cbee8063ed57a1bbbd07bfc907bb7084a2a24703349e8c8840

Request headers

:path: /wp-content/uploads/2021/10/5624-us-says-it-killed-al-qaeda-leader-in-syria-with-drone-strike-485x360.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:16 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 20:48:31 GMT
server: cloudflare
etag: "134a3-5cf0b4021e213"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIycXO4fV1MCQKuuslLoGVEzUw7Gjs3LMSi%2FX3KJpA4rnm%2BXKA69Ovya7ux1OYXIKM0LeeZJcoG4xibpedQ%2Fyj5Vg6Xiee836GKPHEVBN6NDHU6ozTD1uScREv9eJaTsHcu2%2BkThrIVvfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b5cbf355a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 79011

GET
H2 200 5626-climate-activists-go-on-hunger-strike-near-wh-urging-biden-to-act-218x150.jpg
all-news.co/wp-content/uploads/2021/10/ 13 KB
14 KB 1167ms
1164ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5626-climate-activists-go-on-hunger-strike-near-wh-urging-biden-to-act-218x150.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533e9034f5c3b25899810b38192bde26e83cc3b3df67c726daaeedcab9404996

Request headers

:path: /wp-content/uploads/2021/10/5626-climate-activists-go-on-hunger-strike-near-wh-urging-biden-to-act-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:16 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 20:48:34 GMT
server: cloudflare
etag: "359c-5cf0b4050dd8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXdsb8ouJ5tRPcn7uWqOO4tV0sQO16TS1pLujxKTyBlYwfBZlwXaJmqdcNTHtZXeGH3Fag%2FDO8uR8WIjSs3zv%2BaQeJmu6YlyVXZuksLVLjpUKc4TwewkczOkpO0DDAHp%2BOemvZ%2FRIY6WGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b5cbf365a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13724

GET
H2 200 5628-new-space-race-us-tests-components-for-hypersonic-weapons-218x150.jpg
all-news.co/wp-content/uploads/2021/10/ 9 KB
9 KB 133ms
131ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5628-new-space-race-us-tests-components-for-hypersonic-weapons-218x150.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4078f51efbef6111c9adb4b46c84fa2de2aa33c6101aaffe2420628a392d50a

Request headers

:path: /wp-content/uploads/2021/10/5628-new-space-race-us-tests-components-for-hypersonic-weapons-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 20:48:36 GMT
server: cloudflare
etag: "236c-5cf0b407194a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWKIwd8rum07g3XBOe0sHKLdqa3%2FYjMWCiP3FF%2BS%2BK9twXrDzXvDEcLAOwMEcDQR3YmbRcqQv7BzfDNf7ZAEr2WQnjf%2B6c46vKKOV2j%2FsMYEs2vPYxbzoAGWqKYJDfOUHUQBX6%2BRAuYJRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b5cbf375a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9068

GET
H2 200 5630-supercharged-tesla-shares-rally-to-a-record-high-218x150.jpg
all-news.co/wp-content/uploads/2021/10/ 9 KB
10 KB 60ms
58ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5630-supercharged-tesla-shares-rally-to-a-record-high-218x150.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68c9740e3a31d1ca19b076fd08b704c39e2c8c3a9b88f5bc008e7b4dbbac7e07

Request headers

:path: /wp-content/uploads/2021/10/5630-supercharged-tesla-shares-rally-to-a-record-high-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 20:48:38 GMT
server: cloudflare
etag: "257c-5cf0b40980497"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FX2w5xcr1qHo5XNmt7uCFeYFCwN05CjtfUCjGHUrtvbkiO0wa6JBJJVbaEfWz7bPNhePqptDzAyaipkw80V93jNvZkp1PkcRyBnTjUhkjDAw4RX61N4DCE7R4r%2B4UwcqpmNUA7m4ugemvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b5cbf395a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9596

GET
H2 200 5632-melbourne-reopens-as-worlds-most-locked-down-city-eases-limits-218x150.jpg
all-news.co/wp-content/uploads/2021/10/ 12 KB
13 KB 1709ms
1707ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5632-melbourne-reopens-as-worlds-most-locked-down-city-eases-limits-218x150.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd2cff4f59f3e1d3a48593b42d606efaae9a66bad216a1740eb8cc0e71b0bb7d

Request headers

:path: /wp-content/uploads/2021/10/5632-melbourne-reopens-as-worlds-most-locked-down-city-eases-limits-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:16 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 20:48:41 GMT
server: cloudflare
etag: "31f4-5cf0b40bb9241"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lxl4%2FfqTPgJ7WQbNrh7pcvXDemaG4CkhK7udR7XFTEKnoDh57t0NsKXZ7%2B0Tj3TfmbDzHO9iTVSb%2Bj%2BoZRBWmUzZxT%2BhjtAYNpnZICvX2Tkny4mEJe%2FZ9RvC1Y3zWDQF%2BmDUBcKe1gXoVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b5cbf3a5a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12788

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame 6989 10 KB
5 KB 35ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211020/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Oct 2021 15:13:19 GMT
expires: Sat, 06 Nov 2021 15:13:19 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 25016
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fd9b4b10be5a293cbc0f2f89cb21d2072517953a34fb6ac2e7df8d13a966ffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 json Show response
trc.taboola.com/1400286/trc/3/ 2 KB
1 KB 34ms
21ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1400286/trc/3/json?tim=1635027015283&data=%7B%22id%22%3A721%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1635027015257%2C%22cv%22%3A%2220210809-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fall-news.co%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtdg-ismaillahri2685adv1%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1635027015282%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fall-news.co%2F%22%2C%22tos%22%3A11%2C%22ssd%22%3A1%2C%22scd%22%3A34%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1400286/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d7f37f4701545b9d2c855b9ca01b7d98e0a1d4aba5ba12aaf6e66ad8ed2dd2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 14
date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: gzip
server: nginx
x-timer: S1635027015.302433,VS0,VE14
x-served-by: cache-hhn4053-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 24ms
21ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=178297855&t=pageview&_s=1&dl=https%3A%2F%2Fall-news.co%2F&ul=en-us&de=UTF-8&dt=Home%20-%20all-news&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=388694103&gjid=1415320979&cid=1304940241.1635027015&tid=UA-185019636-1&_gid=955610095.1635027015&_r=1&_slc=1&z=388850903

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 22:10:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements.png
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
4 KB 1501ms
1501ms Image
image/png 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_bb31286a4e92e4301213493eccdbb690.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
pragma: no-cache
cookie: _ga=GA1.2.1304940241.1635027015; _gid=GA1.2.955610095.1635027015; _gat=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_bb31286a4e92e4301213493eccdbb690.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/wp-content/cache/autoptimize/css/autoptimize_bb31286a4e92e4301213493eccdbb690.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:16 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Oct 2021 15:00:09 GMT
server: cloudflare
etag: "1035-5cea1cd159ff7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPXaQC2uHL0YQQqRUaOkf1vt5J7gYx%2BVgPXjDIzpQP5kJaFzhFV5u5dDNcsfP0krVEl6H02kvUt6114bB68vubnXfXjoR2iy%2F52BGVtCwC7g%2FfZ0PSbG3TFZVUAum%2FRRF7hDu5cxZIRXOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b5dfa055a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4149

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
607 B 83ms
16ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=all-news.co&callback=_gfp_s_&client=ca-pub-8439024877331049

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&bust=31063229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

5aeae3010a8493584f73ab4dc03c204bc61b9b4a5f81d8382e3e2e5872b2f940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
716 B 85ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
520 B 75ms
22ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C82 247 KB
58 KB 445ms
444ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1635027015&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015127&bpp=9&bdt=447&idt=256&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2228304315012&frm=20&pv=2&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=273

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97084c691707388542332abd344dedf75cbfe22436c344b15fbb8ca392b73cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1635027015&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015127&bpp=9&bdt=447&idt=256&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2228304315012&frm=20&pv=2&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=273
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 23 Oct 2021 22:10:15 GMT
server: cafe
content-length: 58886
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 22:25:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 22:10:15 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
407 B 71ms
25ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-185019636-1&cid=1304940241.1635027015&jid=388694103&gjid=1415320979&_gid=955610095.1635027015&_u=IEBAAEAAAAAAAC~&z=1087736327

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 23 Oct 2021 22:10:15 GMT
content-type: text/plain
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B72 75 KB
26 KB 529ms
529ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&slotname=7254349154&adk=2672234074&adf=793176254&pi=t.ma~as.7254349154&w=728&lmt=1635027015&psa=0&format=728x90&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015136&bpp=35&bdt=457&idt=280&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w4yWCB4CrL&p=https%3A//all-news.co&dtd=285

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fc676ee87189d1760fae2c6ba1f34663c80039a22eef0143e92d45e20d4c9c1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMSh0KPG4fMCFYS8ewodm5IPdQ&gqi=R4h0YaiiGoKDjuwP0JC4uAw&layout=/sadbundle/%24csp%253Der3%24/256229972639744000/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&slotname=7254349154&adk=2672234074&adf=793176254&pi=t.ma~as.7254349154&w=728&lmt=1635027015&psa=0&format=728x90&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015136&bpp=35&bdt=457&idt=280&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w4yWCB4CrL&p=https%3A//all-news.co&dtd=285
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMSh0KPG4fMCFYS8ewodm5IPdQ&gqi=R4h0YaiiGoKDjuwP0JC4uAw&layout=/sadbundle/%24csp%253Der3%24/256229972639744000/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 23 Oct 2021 22:10:15 GMT
server: cafe
content-length: 25607
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 22:25:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 22:10:15 GMT
cache-control: private

GET
H2 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7BAF 603 B
217 B 26ms
26ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=2461821938&adk=1180885167&adf=392215149&pi=t.ma~as.2461821938&w=300&lmt=1635027015&psa=0&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015313&bpp=1&bdt=634&idt=111&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=5VlZUD2LYe&p=https%3A//all-news.co&dtd=119

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=2461821938&adk=1180885167&adf=392215149&pi=t.ma~as.2461821938&w=300&lmt=1635027015&psa=0&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015313&bpp=1&bdt=634&idt=111&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=5VlZUD2LYe&p=https%3A//all-news.co&dtd=119
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 23 Oct 2021 22:10:15 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 22:25:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4848 20 KB
9 KB 221ms
221ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=7413576341&adk=211485506&adf=1725765199&pi=t.ma~as.7413576341&w=300&lmt=1635027015&psa=0&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015345&bpp=22&bdt=666&idt=106&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=1430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=p6gnzr0bpK&p=https%3A//all-news.co&dtd=109

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6132b0f6b6a841887bd3c5b0f3e6816f12ed7d42ec69bef4be08ecf69e1694d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=7413576341&adk=211485506&adf=1725765199&pi=t.ma~as.7413576341&w=300&lmt=1635027015&psa=0&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015345&bpp=22&bdt=666&idt=106&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=1430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=p6gnzr0bpK&p=https%3A//all-news.co&dtd=109
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 23 Oct 2021 22:10:15 GMT
server: cafe
content-length: 9241
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 22:25:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 22:10:15 GMT
cache-control: private

GET
H2 200 footer_bg.jpg
all-news.co/wp-content/uploads/2021/01/ 105 KB
105 KB 1441ms
1440ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/01/footer_bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a

Request headers

:path: /wp-content/uploads/2021/01/footer_bg.jpg
pragma: no-cache
cookie: _ga=GA1.2.1304940241.1635027015; _gid=GA1.2.955610095.1635027015; _gat=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:16 GMT
cf-cache-status: MISS
last-modified: Sat, 30 Jan 2021 22:15:20 GMT
server: cloudflare
etag: "1a3b1-5ba2574d2c0a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTdpE4kuvCsO6WQGmJytGBrEfI56fmzDutAeAJ2lV4fJ6DmxT1gUgV8BMLv1daOkD1ES%2FKvCjzkvDPVRj0omxmXNVPNydKU6NMUADKQD4%2BbaFSQ9V0ZP4JNWDtTC2vJOyPxxiLr%2BB6EXbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b5ebba85a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 107441

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 28ms
27ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1593
etag: W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a2e4b5f1f7a3248-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 26 Oct 2021 22:10:15 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/392339f7-d71c-4ce5-9621-025c65a4d04d/ 3 KB
2 KB 17ms
17ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/392339f7-d71c-4ce5-9621-025c65a4d04d/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdaa04bf56580ef8ee2a1592f73141cc5390cf634000a9b97c949a7b3c811542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1407
cf-polished: origSize=3288
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d8993526-0ed7-44e9-bb40-5480b4c98ea6
x-runtime: 0.034331
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"72727bbeb168cf3880b140c21c86dada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6a2e4b5f682a3248-FRA
access-control-allow-headers: SDK-Version
expires: Sat, 23 Oct 2021 23:10:15 GMT

GET
H2 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 22ms
21ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1726
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6a2e4b5f98543248-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 26 Oct 2021 22:10:15 GMT

GET
H2 200 icon Show response
onesignal.com/api/v1/apps/392339f7-d71c-4ce5-9621-025c65a4d04d/ 44 B
623 B 75ms
28ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/392339f7-d71c-4ce5-9621-025c65a4d04d/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a250acdd-4956-4ad1-a17d-18d510cd4ea1
x-runtime: 0.019775
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7200
cf-ray: 6a2e4b605aff3760-MXP
access-control-allow-headers: SDK-Version
expires: Sun, 24 Oct 2021 00:10:15 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 4848 2 KB
2 KB 71ms
21ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RWaVpHSTVaRE10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0NzkxMTY1NjkwOTU5MzkxOC82NjIyMzI2LzQ1NjIzMDYvNC9WTkdQLW02RGdRQ0tVUDJyLXNqMi1WLVZvTk9RVEExNloyQXhpdmVUeHQ0LzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQ0NzkxMTY1NjkwOTU5MzkxOC96cmgvMC8xNDIvMC85OTkvNjYvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjM1MDI3MDE1LzE2MzUwMzk2MTUvNC9wdWItODQzOTAyNDg3NzMzMTA0OS8/Bq3upinZmf2JRSYSKO80aPsCorQ&nodeid=1746&group=zrh&auctionid=447911656909593918&shardkey=447911656909593918&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.160&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8uukR4h0YdPyHMWngQfpj474Bc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmoAwGqBMIBT9BBoiJZx2xORxlhvdZnHIFrFwY32nzalKdwoPbcbSnWIvY-bqlEtIca8Lv7UF5lI6sKmIm02j2kq8x9vKYgQt63bI3-OcA0jW3uiWar61awuGdo6_JgbsBe5dIVpmXSFAQsMj-3kAT0tm6ES2NtiJ9y-TTRNb3-rZg8FqN3uKYj-wmXpi_t46gKkyE5FbJ1FzMHpDUudwJRRa2M-EPnyMhnus4L5h7Ygi1LEz4SL2ce6gGl9rvudt5CV1mxrfUW27yABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06QyxQNchFNjzAWPXgniZFpc8SGA%26client%3Dca-pub-8439024877331049%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=7413576341&adk=211485506&adf=1725765199&pi=t.ma~as.7413576341&w=300&lmt=1635027015&psa=0&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015345&bpp=22&bdt=666&idt=106&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=1430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=p6gnzr0bpK&p=https%3A//all-news.co&dtd=109
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.206.6 /
Resource Hash: 97ee498358f5878714bac2ba543150a52c6df9e5ef69cd503dc578ea213a6b87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 22:10:15 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1635027015
Last-Modified: Sat, 23 Oct 2021 22:10:15 GMT
Server: MMBD/3.206.6
x-mm-latency: 2 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x68, zrh-bidder-x140
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Sat, 23 Oct 2021 22:10:14 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 4848 3 KB
1 KB 81ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=7413576341&adk=211485506&adf=1725765199&pi=t.ma~as.7413576341&w=300&lmt=1635027015&psa=0&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015345&bpp=22&bdt=666&idt=106&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=1430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=p6gnzr0bpK&p=https%3A//all-news.co&dtd=109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 22:01:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4848 120 KB
37 KB 889ms
825ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 22:10:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 4848 14 KB
7 KB 77ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 22:01:50 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4848 0
0 50ms
49ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTnQqR4h0YdPyHMWngQfpj474Bc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmoAwGqBL8BT9BBoiJZx2xORxlhvdZnHIFrFwY32nzalKdwoPbcbSnWIvY-bqlEtIca8Lv7UF5lI6sKmIm02j2kq8x9vKYgQt63bI3-OcA0jW3uiWar61awuGdo6_JgbsBe5dIVpmXSFAQsMj-3kAT0tm6ES2NtiJ9y-TTRNb3-rZg8FqN3uKYj-wmXpi_t46gKkyE5FbJ1FzMHpDUudwJRRa2M-EPnyMhnus4L5h7Ygi1LEz5QLWqMRpEB8TZKPnWaF_ZBsOGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=wZyjSe5mGMg&uach_m=[UACH]&cid=CAQSGwCNIrLMUwlmlzckfLjM5Vj6lZbKiRiwAtZ-ghgB&tpd=AGWhJmsQbE0yuD0xLjQsgToU8sp46TnnQSIauabGSJv4zgscSLj8jyn9VHsoy0irYQn5up1uktjzP8wC5hDNd765xqoOSIk2p4YZueCGWtCdsiKX8-aKD_b75u7qyt3PmMHt_7FVmjX4B8bEj3OjjySAx_xxUcL2mFByBFNUD1zmAi98-oy7fIEpU83iLFzGNdnZJAfV4oDsUM_XgPk4k7ojugich6NVfCyn8tDWsTHIdGqUj_P8RTixvmJIzBrkLa_Ie2joVEOmUDH6vj3xlM0qp4tFjsJ9mq7A11JIDRkTdmY9zVh5A-qGzVkLmmKxMkae39nXoEkGrx5yqG6GgUHpOQLXJa61gAvT5QDHV5fDsfjpxHSFcv-rpvrprOLjmZ1HsTPaxchnnyF1GE-9cz40ZkcCz8VWvyFrTMoJaQvn-D_Qajj6T9d5ZHQd87l6Unfa4FN9OUXf6TF3Hp1-3L30bblpBuLHdDt5VYGym43zFC10kOT_3z3HIhGWl3LOx98tpbWSOTT-liQgZ3ZOAxuNht_rpN5gRkAOQUD9f7LzRCrNCbTJCpkmRl82Ox964xyAadcLfAkpAogixHykfhuqAA8o2IZCc9qM7m646MTHP2Viz2Q2OdTb6gqi4kT5xEVaC0rH2OO3OHzsNfSlOKteKQqM2eguRoiTRBsIW8LiJ4EAHETCWjL1XPbVxYtAWM-M7pZGW6gADF4cC0MreuODI_pBjV7I9dX5s0FOZ3ZpLwyb4XZlJsCsQo2YO-PSK0l0cBwfnNEnbWLn79vvNqVcs8fbpbcMdrU7sJmDKokjJBb_ab-kOabhCYu6GrghNsDgaeUctAVkjY5Bh_Uk1FXBqDyAfKbUCuTqFyAiJTba-RecY7ntKyESttrBgcG-1H4RZDwL1XtGuZuDw5k9eRqK8oOFSAGdo7AiRndkt3iEPYAwr-8Yq1RFSrMpOQoSvvyL3mabJ0cyMZUDl03BkhQEs2S8Tx8RJMzBvXl4-rnD5atGZrms-SET7_BaoGvkYLm3L_vc94ijwOPVrk-XECGKjxeaE5smi37SSa91Rz_TN5TCqsVuXedImW19YeU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=7413576341&adk=211485506&adf=1725765199&pi=t.ma~as.7413576341&w=300&lmt=1635027015&psa=0&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015345&bpp=22&bdt=666&idt=106&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=1430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=p6gnzr0bpK&p=https%3A//all-news.co&dtd=109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 23 Oct 2021 22:10:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Oct 2021 22:10:15 GMT

GET
DATA 200
OK truncated
/ 582 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame 4848 10 KB
3 KB 49ms
13ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=447911656909593918&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D447911656909593918%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3f6d6174-8847-4c01-8e8d-551bd0f603e9%26mt_cid%3D3f6d6174-8847-4c01-8e8d-551bd0f603e9%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC8uukR4h0YdPyHMWngQfpj474Bc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmoAwGqBMIBT9BBoiJZx2xORxlhvdZnHIFrFwY32nzalKdwoPbcbSnWIvY-bqlEtIca8Lv7UF5lI6sKmIm02j2kq8x9vKYgQt63bI3-OcA0jW3uiWar61awuGdo6_JgbsBe5dIVpmXSFAQsMj-3kAT0tm6ES2NtiJ9y-TTRNb3-rZg8FqN3uKYj-wmXpi_t46gKkyE5FbJ1FzMHpDUudwJRRa2M-EPnyMhnus4L5h7Ygi1LEz4SL2ce6gGl9rvudt5CV1mxrfUW27yABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06QyxQNchFNjzAWPXgniZFpc8SGA%2526client%253Dca-pub-8439024877331049%2526adurl%253D%26redirect%3D
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d53acd656638fddb513a8c7c82f54b3b0a9a3e06c1fdc9b1a8d2b4642ecf8442

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 22:10:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3265
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 4848 49 B
330 B 48ms
21ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=447911656909593918&node_id=1746&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RWaVpHSTVaRE10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0NzkxMTY1NjkwOTU5MzkxOC82NjIyMzI2LzQ1NjIzMDYvNC9WTkdQLW02RGdRQ0tVUDJyLXNqMi1WLVZvTk9RVEExNloyQXhpdmVUeHQ0LzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQ0NzkxMTY1NjkwOTU5MzkxOC96cmgvMC8xNDIvMC85OTkvNjYvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjM1MDI3MDE1LzE2MzUwMzk2MTUvNC9wdWItODQzOTAyNDg3NzMzMTA0OS8/Bq3upinZmf2JRSYSKO80aPsCorQ&nodeid=1746&group=zrh&auctionid=447911656909593918&shardkey=447911656909593918&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.160&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8uukR4h0YdPyHMWngQfpj474Bc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmoAwGqBMIBT9BBoiJZx2xORxlhvdZnHIFrFwY32nzalKdwoPbcbSnWIvY-bqlEtIca8Lv7UF5lI6sKmIm02j2kq8x9vKYgQt63bI3-OcA0jW3uiWar61awuGdo6_JgbsBe5dIVpmXSFAQsMj-3kAT0tm6ES2NtiJ9y-TTRNb3-rZg8FqN3uKYj-wmXpi_t46gKkyE5FbJ1FzMHpDUudwJRRa2M-EPnyMhnus4L5h7Ygi1LEz4SL2ce6gGl9rvudt5CV1mxrfUW27yABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06QyxQNchFNjzAWPXgniZFpc8SGA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.206.6 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 22:10:15 GMT
Server: MMBD/3.206.6
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x30, zrh-bidder-x140
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 23 Oct 2021 22:10:14 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 4848 43 B
373 B 122ms
62ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=447911656909593918&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RWaVpHSTVaRE10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0NzkxMTY1NjkwOTU5MzkxOC82NjIyMzI2LzQ1NjIzMDYvNC9WTkdQLW02RGdRQ0tVUDJyLXNqMi1WLVZvTk9RVEExNloyQXhpdmVUeHQ0LzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQ0NzkxMTY1NjkwOTU5MzkxOC96cmgvMC8xNDIvMC85OTkvNjYvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjM1MDI3MDE1LzE2MzUwMzk2MTUvNC9wdWItODQzOTAyNDg3NzMzMTA0OS8/Bq3upinZmf2JRSYSKO80aPsCorQ&nodeid=1746&group=zrh&auctionid=447911656909593918&shardkey=447911656909593918&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.160&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8uukR4h0YdPyHMWngQfpj474Bc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmoAwGqBMIBT9BBoiJZx2xORxlhvdZnHIFrFwY32nzalKdwoPbcbSnWIvY-bqlEtIca8Lv7UF5lI6sKmIm02j2kq8x9vKYgQt63bI3-OcA0jW3uiWar61awuGdo6_JgbsBe5dIVpmXSFAQsMj-3kAT0tm6ES2NtiJ9y-TTRNb3-rZg8FqN3uKYj-wmXpi_t46gKkyE5FbJ1FzMHpDUudwJRRa2M-EPnyMhnus4L5h7Ygi1LEz4SL2ce6gGl9rvudt5CV1mxrfUW27yABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06QyxQNchFNjzAWPXgniZFpc8SGA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4044 0c7f252 master cdg-pixel-x15 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 22:10:15 GMT
Server: MT3 4044 0c7f252 master cdg-pixel-x15 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 23 Oct 2021 22:10:14 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 4848 49 B
330 B 40ms
13ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=447911656909593918&st=4562306&time=1635027015&nodeid=1746
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RWaVpHSTVaRE10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0NzkxMTY1NjkwOTU5MzkxOC82NjIyMzI2LzQ1NjIzMDYvNC9WTkdQLW02RGdRQ0tVUDJyLXNqMi1WLVZvTk9RVEExNloyQXhpdmVUeHQ0LzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQ0NzkxMTY1NjkwOTU5MzkxOC96cmgvMC8xNDIvMC85OTkvNjYvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjM1MDI3MDE1LzE2MzUwMzk2MTUvNC9wdWItODQzOTAyNDg3NzMzMTA0OS8/Bq3upinZmf2JRSYSKO80aPsCorQ&nodeid=1746&group=zrh&auctionid=447911656909593918&shardkey=447911656909593918&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.160&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8uukR4h0YdPyHMWngQfpj474Bc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmoAwGqBMIBT9BBoiJZx2xORxlhvdZnHIFrFwY32nzalKdwoPbcbSnWIvY-bqlEtIca8Lv7UF5lI6sKmIm02j2kq8x9vKYgQt63bI3-OcA0jW3uiWar61awuGdo6_JgbsBe5dIVpmXSFAQsMj-3kAT0tm6ES2NtiJ9y-TTRNb3-rZg8FqN3uKYj-wmXpi_t46gKkyE5FbJ1FzMHpDUudwJRRa2M-EPnyMhnus4L5h7Ygi1LEz4SL2ce6gGl9rvudt5CV1mxrfUW27yABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06QyxQNchFNjzAWPXgniZFpc8SGA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.206.6 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 22:10:15 GMT
Server: MMBD/3.206.6
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x69, zrh-bidder-x140
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 23 Oct 2021 22:10:14 GMT

GET
H/1.1 200
OK request.php Show response
hal900030.redintelligence.net/ Frame 4848 4 KB
2 KB 111ms
73ms Script
application/x-javascript 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=17827a1ed0&subid=&uid=d14b80bc91cb759e&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D447911656909593918%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3f6d6174-8847-4c01-8e8d-551bd0f603e9%26mt_cid%3D3f6d6174-8847-4c01-8e8d-551bd0f603e9%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC8uukR4h0YdPyHMWngQfpj474Bc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmoAwGqBMIBT9BBoiJZx2xORxlhvdZnHIFrFwY32nzalKdwoPbcbSnWIvY-bqlEtIca8Lv7UF5lI6sKmIm02j2kq8x9vKYgQt63bI3-OcA0jW3uiWar61awuGdo6_JgbsBe5dIVpmXSFAQsMj-3kAT0tm6ES2NtiJ9y-TTRNb3-rZg8FqN3uKYj-wmXpi_t46gKkyE5FbJ1FzMHpDUudwJRRa2M-EPnyMhnus4L5h7Ygi1LEz4SL2ce6gGl9rvudt5CV1mxrfUW27yABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06QyxQNchFNjzAWPXgniZFpc8SGA%2526client%253Dca-pub-8439024877331049%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8439024877331049%26output%3Dhtml%26h%3D250%26slotname%3D7413576341%26adk%3D211485506%26adf%3D1725765199%26pi%3Dt.ma~as.7413576341%26w%3D300%26lmt%3D1635027015%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fall-news.co%252F%26flash%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1635027015345%26bpp%3D22%26bdt%3D666%26idt%3D106%26shv%3Dr20211020%26mjsv%3Dm202110180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%252C300x250%26nras%3D1%26correlator%3D2228304315012%26frm%3D20%26pv%3D1%26ga_vid%3D1304940241.1635027015%26ga_sid%3D1635027015%26ga_hid%3D178297855%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1022%26ady%3D1430%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D182982100%252C182982300%252C31062938%252C31063229%252C31062526%26oid%3D2%26pvsid%3D1784373347073069%26pem%3D581%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26xpc%3Dp6gnzr0bpK%26p%3Dhttps%253A%2F%2Fall-news.co%26dtd%3D109&ancestorOrigins=null&random=2217740191800&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=447911656909593918&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D447911656909593918%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3f6d6174-8847-4c01-8e8d-551bd0f603e9%26mt_cid%3D3f6d6174-8847-4c01-8e8d-551bd0f603e9%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC8uukR4h0YdPyHMWngQfpj474Bc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmoAwGqBMIBT9BBoiJZx2xORxlhvdZnHIFrFwY32nzalKdwoPbcbSnWIvY-bqlEtIca8Lv7UF5lI6sKmIm02j2kq8x9vKYgQt63bI3-OcA0jW3uiWar61awuGdo6_JgbsBe5dIVpmXSFAQsMj-3kAT0tm6ES2NtiJ9y-TTRNb3-rZg8FqN3uKYj-wmXpi_t46gKkyE5FbJ1FzMHpDUudwJRRa2M-EPnyMhnus4L5h7Ygi1LEz4SL2ce6gGl9rvudt5CV1mxrfUW27yABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06QyxQNchFNjzAWPXgniZFpc8SGA%2526client%253Dca-pub-8439024877331049%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 246fa910979732db326449e26e22e8e4cb869511cd614aa03c9013157abd8e99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 22:10:15 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 85910500000834700951393011757030
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1264
Expires: Sat, 23 Oct 2021 23:10:15 +0200

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/ 143 KB
52 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/reactive_library_fy2019.js?bust=31063229

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

420818e6195feee67d7dd2ac6ea1e329d28e4c4640515aa5e36337cd03d8be7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 52704
x-xss-protection: 0
server: cafe
etag: 14481636297538735999
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 22:10:15 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 7A58
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=85910500000834700951393011757030&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85910500000834700951393011757030&actionid=731824&produktid=businessgiro&dt_url=

0
629 B

82ms
47ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85910500000834700951393011757030&actionid=731824&produktid=businessgiro&dt_url=

Requested by

Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=17827a1ed0&subid=&uid=d14b80bc91cb759e&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D447911656909593918%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3f6d6174-8847-4c01-8e8d-551bd0f603e9%26mt_cid%3D3f6d6174-8847-4c01-8e8d-551bd0f603e9%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC8uukR4h0YdPyHMWngQfpj474Bc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmoAwGqBMIBT9BBoiJZx2xORxlhvdZnHIFrFwY32nzalKdwoPbcbSnWIvY-bqlEtIca8Lv7UF5lI6sKmIm02j2kq8x9vKYgQt63bI3-OcA0jW3uiWar61awuGdo6_JgbsBe5dIVpmXSFAQsMj-3kAT0tm6ES2NtiJ9y-TTRNb3-rZg8FqN3uKYj-wmXpi_t46gKkyE5FbJ1FzMHpDUudwJRRa2M-EPnyMhnus4L5h7Ygi1LEz4SL2ce6gGl9rvudt5CV1mxrfUW27yABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06QyxQNchFNjzAWPXgniZFpc8SGA%2526client%253Dca-pub-8439024877331049%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8439024877331049%26output%3Dhtml%26h%3D250%26slotname%3D7413576341%26adk%3D211485506%26adf%3D1725765199%26pi%3Dt.ma~as.7413576341%26w%3D300%26lmt%3D1635027015%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fall-news.co%252F%26flash%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1635027015345%26bpp%3D22%26bdt%3D666%26idt%3D106%26shv%3Dr20211020%26mjsv%3Dm202110180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%252C300x250%26nras%3D1%26correlator%3D2228304315012%26frm%3D20%26pv%3D1%26ga_vid%3D1304940241.1635027015%26ga_sid%3D1635027015%26ga_hid%3D178297855%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1022%26ady%3D1430%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D182982100%252C182982300%252C31062938%252C31063229%252C31062526%26oid%3D2%26pvsid%3D1784373347073069%26pem%3D581%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26xpc%3Dp6gnzr0bpK%26p%3Dhttps%253A%2F%2Fall-news.co%26dtd%3D109&ancestorOrigins=null&random=2217740191800&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pb.media01.eu
:scheme: https
:path: /view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85910500000834700951393011757030&actionid=731824&produktid=businessgiro&dt_url=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 24 Oct 2021 12:10:15 GMT
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=il3msxzxdaghl3bugny04mxq; path=/; secure; HttpOnly; SameSite=None DTU=ECB5D962E9BE6273906E4B9CDF6F088E; expires=Mon, 23-Oct-2023 22:10:15 GMT; path=/; SameSite=None; secure; HttpOnly; SameSite=None
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Sat, 23 Oct 2021 22:10:15 GMT
content-length: 0

Redirect headers

Server: nginx/1.19.7
Date: Sat, 23 Oct 2021 22:10:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Set-Cookie: trscj=MTYzNTAyNzAxNnxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRNekJoTjJSbU9HUmxaR0UwWVdFMlAzTjFZbWxrUFRnMU9URXdOVEF3TURBd09ETTBOekF3T1RVeE16a3pNREV4TnpVM01ETXdKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2; expires=Sun, 23-Oct-2022 22:10:16 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure SERVERID177589=2|YXSIS|YXSIS; path=/; HttpOnly
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85910500000834700951393011757030&actionid=731824&produktid=businessgiro&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: B9E817B4:8E07_91EFC182:01BB_61748847_4FA05A:2A262
X-IPLB-Instance: 40028
Cache-control: private

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 4848 1 KB
2 KB 194ms
94ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3432265&wgcampaignid=99582&js=1&nw=1&viewref=85910500000834700951393011757030
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: b27eaefc28cc00996b82bccd1dfab13e51fa8fa9fa8ae4646285d30757a97269

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 22:10:16 GMT
Last-Modified: Sat, 23 Oct 2021 22:10:16 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1239
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

activityi;dc_pre=CPHn8aPG4fMCFYwr0wod13MMLw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4944725690724.489 Show response
5994599.fls.doubleclick.net/ Frame B8F8
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4944725690724.489?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHn8aPG4fMCFYwr0wod13MMLw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4944725690724.489?

391 B
431 B

25ms
24ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHn8aPG4fMCFYwr0wod13MMLw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4944725690724.489?

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

d70b88a7485682319244b123158797d0b988774af0779f5e75481c01e8fb8ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPHn8aPG4fMCFYwr0wod13MMLw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4944725690724.489?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlf7DybTnCVFjSGFkqV8oXd3F2aRramtHuBocq0TSLVljAy3k8IS5RFlpWrptY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 23 Oct 2021 22:10:16 GMT
expires: Sat, 23 Oct 2021 22:10:16 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 23 Oct 2021 22:10:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHn8aPG4fMCFYwr0wod13MMLw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4944725690724.489?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK request_content.php Show response
hal900030.redintelligence.net/ Frame 7A3C 7 KB
2 KB 36ms
12ms Document
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request_content.php?s=85910500000834700951393011757030&a=695bf0e0
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=17827a1ed0&subid=&uid=d14b80bc91cb759e&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D447911656909593918%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3f6d6174-8847-4c01-8e8d-551bd0f603e9%26mt_cid%3D3f6d6174-8847-4c01-8e8d-551bd0f603e9%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC8uukR4h0YdPyHMWngQfpj474Bc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmoAwGqBMIBT9BBoiJZx2xORxlhvdZnHIFrFwY32nzalKdwoPbcbSnWIvY-bqlEtIca8Lv7UF5lI6sKmIm02j2kq8x9vKYgQt63bI3-OcA0jW3uiWar61awuGdo6_JgbsBe5dIVpmXSFAQsMj-3kAT0tm6ES2NtiJ9y-TTRNb3-rZg8FqN3uKYj-wmXpi_t46gKkyE5FbJ1FzMHpDUudwJRRa2M-EPnyMhnus4L5h7Ygi1LEz4SL2ce6gGl9rvudt5CV1mxrfUW27yABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06QyxQNchFNjzAWPXgniZFpc8SGA%2526client%253Dca-pub-8439024877331049%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8439024877331049%26output%3Dhtml%26h%3D250%26slotname%3D7413576341%26adk%3D211485506%26adf%3D1725765199%26pi%3Dt.ma~as.7413576341%26w%3D300%26lmt%3D1635027015%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fall-news.co%252F%26flash%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1635027015345%26bpp%3D22%26bdt%3D666%26idt%3D106%26shv%3Dr20211020%26mjsv%3Dm202110180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%252C300x250%26nras%3D1%26correlator%3D2228304315012%26frm%3D20%26pv%3D1%26ga_vid%3D1304940241.1635027015%26ga_sid%3D1635027015%26ga_hid%3D178297855%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1022%26ady%3D1430%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D182982100%252C182982300%252C31062938%252C31063229%252C31062526%26oid%3D2%26pvsid%3D1784373347073069%26pem%3D581%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26xpc%3Dp6gnzr0bpK%26p%3Dhttps%253A%2F%2Fall-news.co%26dtd%3D109&ancestorOrigins=null&random=2217740191800&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: f1bfac432c86a377728a8d56d363b2546dc10ff446f98eacc6c2fa465ae442f9

Request headers

Host: hal900030.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Sat, 23 Oct 2021 22:10:15 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 23 Oct 2021 23:10:15 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2072
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 4848
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=85910500000834700951393011757030
https://ad-server.eu/wm/pb/native.png

68 B
312 B

170ms
31ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=7413576341&adk=211485506&adf=1725765199&pi=t.ma~as.7413576341&w=300&lmt=1635027015&psa=0&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015345&bpp=22&bdt=666&idt=106&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=1430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=p6gnzr0bpK&p=https%3A//all-news.co&dtd=109
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 22:14:09 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sat, 23 Oct 2021 22:10:16 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: B9E817B4:8E05_91EFC182:01BB_61748847_4F9E38:2A263
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 4848 43 B
704 B 103ms
49ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=85910500000834700951393011757030&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 22:10:16 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 23ms
22ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 22:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/ Frame 407B 10 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlf7DybTnCVFjSGFkqV8oXd3F2aRramtHuBocq0TSLVljAy3k8IS5RFlpWrptY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Oct 2021 15:13:15 GMT
expires: Sat, 06 Nov 2021 15:13:15 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 25020
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/ Frame D14D 10 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlf7DybTnCVFjSGFkqV8oXd3F2aRramtHuBocq0TSLVljAy3k8IS5RFlpWrptY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Oct 2021 15:13:15 GMT
expires: Sat, 06 Nov 2021 15:13:15 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 25020
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 7B72 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&slotname=7254349154&adk=2672234074&adf=793176254&pi=t.ma~as.7254349154&w=728&lmt=1635027015&psa=0&format=728x90&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015136&bpp=35&bdt=457&idt=280&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w4yWCB4CrL&p=https%3A//all-news.co&dtd=285

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 22:01:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B72 120 KB
37 KB 551ms
551ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 22:10:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 7B72 14 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 22:01:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 407B 4 KB
731 B 324ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 20:59:42 GMT
server: ESF
date: Sat, 23 Oct 2021 22:10:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 23 Oct 2021 22:10:16 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 407B 205 B
715 B 34ms
6ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 04:54:01 GMT
x-content-type-options: nosniff
age: 148575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Oct 2022 04:54:01 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 407B 604 B
695 B 37ms
10ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 15:01:21 GMT
x-content-type-options: nosniff
age: 25735
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 23 Oct 2022 15:01:21 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 407B 18 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3108a595755e4b68a8c9af8465be4462d8d3479043a586bfd3bc18c97c06fe6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 21:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7873
x-xss-protection: 0
server: cafe
etag: 16040667361225943213
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 21:46:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D14D 4 KB
693 B 322ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 21:20:57 GMT
server: ESF
date: Sat, 23 Oct 2021 22:10:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 23 Oct 2021 22:10:16 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame D14D 2 KB
991 B 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 22:05:27 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame D14D 0
0 47ms
47ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdTMXR4h0YafNGZLKx_APrpSP0A2wuoy7Y4Dw4pPUDdvZHhABIMzT7IIBYJXikIKgB6ABvuuT_QLIAQmpAtzYDnC1ibM-qAMByAPLBKoE9QFP0AM8PC3iPgNK8E-BKWwzodOTWKvNvZCvrX8GgITeApYzaVBRy1-n25C55Sd9Ir0oT4JU5w42ZrQ3vXqJtLMNAHREdHVOfRaEk7nHJ4hHMVIoZOMuxduLcD8q_3Qwv1pWaH85IfXCCxOMD4oY5-4Fvf2JIIFOiliEciCbJe373IgcdvO-HPGsFmt3IxtkbZMiLgyQd0i4CVoHKVreeaVG5r8nt6KVYW4J1D7VKljhI30d-sRy_WJW2dI1R1nOWUj6UOruEhQoXohQsq7JU7Wtib0HzleV-MNmeFAFZEz1J6h3mFdRCSABI596DuF6Sn5MY9Bq5cAE6ujZm8wDkgUECAQYAZIFBAgFGASgBi6AB6qU7IIBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBC41ALSCAkIgOGAEBABGF-ACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=k4p2HGHtryA&uach_m=[UACH]&template_id=484

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 23 Oct 2021 22:10:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame D14D 18 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 21:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 21:56:29 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame D14D 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 22:01:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D14D 120 KB
37 KB 546ms
545ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 22:10:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame D14D 14 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 22:01:50 GMT

GET
H2 200 fc4a425cba241d0dce431f7f76e62919.js Show response
www.gstatic.com/mysidia/ Frame D14D 27 KB
11 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc4a425cba241d0dce431f7f76e62919.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 21:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11259
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:43:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Fri, 21 Jan 2022 21:45:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7A3C 4 KB
723 B 316ms
25ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=85910500000834700951393011757030&a=695bf0e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 21:20:42 GMT
server: ESF
date: Sat, 23 Oct 2021 22:10:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 23 Oct 2021 22:10:16 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7A3C 16 KB
16 KB 38ms
14ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=85910500000834700951393011757030&a=695bf0e0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a9e38df2b5e9549bc8187f3543a618ce744c651ac5a1b547377ea196116ca60a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 22:10:16 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16463
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7A3C 17 KB
17 KB 36ms
13ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=85910500000834700951393011757030&a=695bf0e0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 71debc40d25ba580fdf19b2a50ab3fac69173b7af6a237821d31801d4477033d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 22:10:16 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16857
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7A3C 14 KB
14 KB 37ms
13ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/paninishop-nfl-2021-banner-1200x627.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=85910500000834700951393011757030&a=695bf0e0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 282d14ba3c8012b67bef8fac9bd2ac4588302a2729b1c7bdfc5a810779661b54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 22:10:16 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 14156
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/ Frame 991D 86 KB
23 KB 15ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a2bc53c9a4404a1e1a4829550a1377a1d41c9e2cfc77546e27aa039465a7595

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/256229972639744000/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Thu, 21 Oct 2021 18:48:36 GMT
expires: Fri, 21 Oct 2022 18:48:36 GMT
last-modified: Mon, 01 Feb 2021 15:06:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 22181
age: 184900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7B72 0
0 49ms
47ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpLJqR4h0YYTiGoT57gObpb6oB-Cj54Jlrf-omYANovu7kbgXEAEgzNPsggFgleKQgqAHoAGTrLDUA8gBCakC3NgOcLWJsz6oAwHIAwKqBPgBT9AdxEGY83RlxBOrwGjK3mRXL1eNJOwRmQXHkwCef0oSd51CtYQYfd1aGCO2ApdPOfaUWOBNfWTPPRCZk0eUQMvOQARX1MiIDP5Ueycosa5mga0OXpXvvaElGxFjk-tfW5VVQlwBvmJsiAvgCnTvI8W2iM62Gcigqt1DU25n8v-Ai_adB269kOtwcswAyNpW5pezR-xN6NGdypqweBeRlmhkUYqlF12K2XpF_Bg7KIUFV94Z1D3VYd6331RhowTmCboYbrs8aqzJR2IPJBFzO3uN_M5pT2S1nMYm0ATrDzDxS74JXwPLF776CSoN5C_uT9heBNvwi27ABLmm-OmDApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAZdgAfV088rqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBDB5gTSCAkIgOGAEBABGF-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=K1oBL9d02_s&uach_m=[UACH]

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&slotname=7254349154&adk=2672234074&adf=793176254&pi=t.ma~as.7254349154&w=728&lmt=1635027015&psa=0&format=728x90&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015136&bpp=35&bdt=457&idt=280&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w4yWCB4CrL&p=https%3A//all-news.co&dtd=285
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 23 Oct 2021 22:10:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C7C7 143 B
222 B 8ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&slotname=7254349154&adk=2672234074&adf=793176254&pi=t.ma~as.7254349154&w=728&lmt=1635027015&psa=0&format=728x90&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015136&bpp=35&bdt=457&idt=280&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w4yWCB4CrL&p=https%3A//all-news.co&dtd=285
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlf7DybTnCVFjSGFkqV8oXd3F2aRramtHuBocq0TSLVljAy3k8IS5RFlpWrptY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=90&slotname=7254349154&adk=2672234074&adf=793176254&pi=t.ma~as.7254349154&w=728&lmt=1635027015&psa=0&format=728x90&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015136&bpp=35&bdt=457&idt=280&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w4yWCB4CrL&p=https%3A//all-news.co&dtd=285

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 23 Oct 2021 21:43:06 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 dc_pre=CPHn8aPG4fMCFYwr0wod13MMLw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4944725690724.489
adservice.google.com/ddm/fls/z/ Frame B8F8 42 B
262 B 50ms
50ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPHn8aPG4fMCFYwr0wod13MMLw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4944725690724.489

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHn8aPG4fMCFYwr0wod13MMLw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4944725690724.489?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 22:10:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 991D 4 KB
692 B 263ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular,500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 21:58:34 GMT
server: ESF
date: Sat, 23 Oct 2021 22:10:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 23 Oct 2021 22:10:16 GMT

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 991D 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Oct 2021 17:24:57 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 991D 26 KB
10 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Oct 2021 13:46:49 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C7C7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
248 B

47ms
47ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlf7DybTnCVFjSGFkqV8oXd3F2aRramtHuBocq0TSLVljAy3k8IS5RFlpWrptY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Oct 2021 22:10:16 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 23-Oct-2021 23:10:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 22:10:16 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Oct 2021 22:10:16 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 4848 51 KB
51 KB 58ms
9ms Script
application/javascript 18.66.97.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3432265&wgcampaignid=99582&js=1&nw=1&viewref=85910500000834700951393011757030
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 e44e0b24e706487eaec6b9e01f2166dd.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 60138
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 23 Oct 2021 05:27:58 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: H1I-8pKhOTFFcDJ7vxp3QZN8xUY4ovXvHojYCH9nr-A10vYwYVKvmg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 4848 667 B
1 KB 91ms
33ms Image
image/jpeg 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=41686600000335501112882011757003&wglinkid=3432265
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=7413576341&adk=211485506&adf=1725765199&pi=t.ma~as.7413576341&w=300&lmt=1635027015&psa=0&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015345&bpp=22&bdt=666&idt=106&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=1430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=p6gnzr0bpK&p=https%3A//all-news.co&dtd=109
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 22:10:16 GMT
Last-Modified: Sat, 23 Oct 2021 22:10:16 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Content-Length: 667
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F072 6 KB
744 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 21:39:45 GMT
server: ESF
date: Sat, 23 Oct 2021 22:10:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 23 Oct 2021 22:10:16 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame F072 2 KB
946 B 15ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 22:05:27 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame F072 18 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 21:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 21:56:29 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame F072 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 22:01:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F072 120 KB
37 KB 206ms
205ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 22:10:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame F072 14 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 22:01:50 GMT

GET
H2 200 fc4a425cba241d0dce431f7f76e62919.js Show response
www.gstatic.com/mysidia/ Frame F072 27 KB
11 KB 311ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc4a425cba241d0dce431f7f76e62919.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 21:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11259
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:43:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Fri, 21 Jan 2022 21:45:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 991D 15 KB
15 KB 19ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 279515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 16:31:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 991D 16 KB
16 KB 19ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 02:46:35 GMT
x-content-type-options: nosniff
age: 156221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 02:46:35 GMT

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame 7A3C 0
150 B 38ms
12ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=85910500000834700951393011757030&a=605d97fd&vb=m
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=85910500000834700951393011757030&a=695bf0e0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=85910500000834700951393011757030&a=695bf0e0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 22:10:16 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 7A3C 16 KB
16 KB 20ms
15ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900030.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 21:28:54 GMT
x-content-type-options: nosniff
age: 175282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 21:28:54 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 7A3C 16 KB
16 KB 18ms
14ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900030.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 11:16:30 GMT
x-content-type-options: nosniff
age: 557626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 17 Oct 2022 11:16:30 GMT

GET
H2 200 g4797.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/ Frame 991D 26 KB
26 KB 15ms
15ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/g4797.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad687ad10fb78382e466a97077e8f7ec9bc2297f6f47c3790ddad4ea1eeee198

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 234305
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 26912
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 15:06:53 GMT
server: sffe
date: Thu, 21 Oct 2021 05:05:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Oct 2022 05:05:11 GMT

GET
H2 200 IMG_20181210_173024_2.resized.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/ Frame 991D 24 KB
25 KB 19ms
18ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/IMG_20181210_173024_2.resized.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

985849a53b30f370530ad6589e9b11f7799e1b68ae44b04b16f0d88fcdc40ebd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 165585
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25014
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 15:06:53 GMT
server: sffe
date: Fri, 22 Oct 2021 00:10:31 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Oct 2022 00:10:31 GMT

GET
H2 200 LOGO_2017_400x150.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/ Frame 991D 29 KB
29 KB 21ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/256229972639744000/LOGO_2017_400x150.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

492a08284858ee3aaaa3623a9aaab2b8bdb252f180ea04f391eda3324a86665b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 165585
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30040
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 15:06:53 GMT
server: sffe
date: Fri, 22 Oct 2021 00:10:31 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Oct 2022 00:10:31 GMT

GET
DATA 200
OK truncated
/ Frame 4848 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cfee8787bd93db327de296644cc70a1e3de052644ab4faf04124eae9ad8114a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7B72 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62d02bda5aaec13f346948a2904e477ffd8705ae6d94b775281687b66431b7a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 unip Show response
trc-events.taboola.com/1400286/log/3/ 0
244 B 94ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1400286/log/3/unip?en=pre_d_eng_tb&tos=1751&scd=34&ssd=1&est=1635027015271&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1635027017023&vi=1635027015257&ri=73b8235d459c3eb08e0bf1d33725c9b3&ref=null&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Fall-news.co%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1400286/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://all-news.co
pragma: no-cache
date: Sat, 23 Oct 2021 22:10:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame F561 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 21:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 23 Oct 2022 21:15:31 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 24ms
23ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1beca352daf8e54ac5390c88b5c272dd14ba0ef79d4c79659be7b8f20ebfd97d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 22:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8555
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 22:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 25ms
25ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 22:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F108 22 KB
11 KB 368ms
368ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6917536991&adk=3184593537&adf=3675353251&pi=t.ma~as.6917536991&w=300&lmt=1635027017&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027017070&bpp=2&bdt=2390&idt=2&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3c2c9eecc32c255-2255c651ffca000e%3AT%3D1635027015%3ART%3D1635027015%3AS%3DALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C1600x1200%2C1005x124&nras=3&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=4296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&psts=AGkb-H_GgfpCSr1MfkUIbtBuTS7BGdXHtMToHS6sqAgSKThqWhW3JOUxGZ0ZLrWdInHWholcffNhTRLoBgGZTA%2CAGkb-H-9Ov92oCtLzn2ZZak9Z9jdgyXsSvwCSL-29P2A4qEkg5TPki_XSi75fBxSkW2_OLdh2XkV8rQrEpy-qUQK5azWzCI2znI6I7Q8KlQ%2CAGkb-H9_4R9KUl34A_b52Y-QK_XV57QE_Ic_yqZbQkU5ibQOnytiIfvRDmDDohIcg-cKF4UkeDvhRiEFNA&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=xxj7uQMSLR&p=https%3A//all-news.co&dtd=7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89e75cd169770d55181d7bcae095e5c916c6dbd4d795fc5f3969a939d85bb950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6917536991&adk=3184593537&adf=3675353251&pi=t.ma~as.6917536991&w=300&lmt=1635027017&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027017070&bpp=2&bdt=2390&idt=2&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3c2c9eecc32c255-2255c651ffca000e%3AT%3D1635027015%3ART%3D1635027015%3AS%3DALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C1600x1200%2C1005x124&nras=3&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=4296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&psts=AGkb-H_GgfpCSr1MfkUIbtBuTS7BGdXHtMToHS6sqAgSKThqWhW3JOUxGZ0ZLrWdInHWholcffNhTRLoBgGZTA%2CAGkb-H-9Ov92oCtLzn2ZZak9Z9jdgyXsSvwCSL-29P2A4qEkg5TPki_XSi75fBxSkW2_OLdh2XkV8rQrEpy-qUQK5azWzCI2znI6I7Q8KlQ%2CAGkb-H9_4R9KUl34A_b52Y-QK_XV57QE_Ic_yqZbQkU5ibQOnytiIfvRDmDDohIcg-cKF4UkeDvhRiEFNA&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=xxj7uQMSLR&p=https%3A//all-news.co&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlf7DybTnCVFjSGFkqV8oXd3F2aRramtHuBocq0TSLVljAy3k8IS5RFlpWrptY; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 23 Oct 2021 22:10:17 GMT
server: cafe
content-length: 10765
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 5691-texas-am-vs-south-carolina-odds-line-college-football-picks-week-8-predictions-from-proven-computer-model-696x392.jpg
all-news.co/wp-content/uploads/2021/10/ 53 KB
54 KB 103ms
102ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5691-texas-am-vs-south-carolina-odds-line-college-football-picks-week-8-predictions-from-proven-computer-model-696x392.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7d028933cdf7658f6524b0d90787282e018d2937aa40c894e7b5509be6cf7a

Request headers

:path: /wp-content/uploads/2021/10/5691-texas-am-vs-south-carolina-odds-line-college-football-picks-week-8-predictions-from-proven-computer-model-696x392.jpg
pragma: no-cache
cookie: _ga=GA1.2.1304940241.1635027015; _gid=GA1.2.955610095.1635027015; _gat=1; __gads=ID=d3c2c9eecc32c255-2255c651ffca000e:T=1635027015:RT=1635027015:S=ALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 21:54:58 GMT
server: cloudflare
etag: "d5d3-5cf0c2dc6b819"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qld5psuslpgFR9sq5ck1ZPSGbhOmKSMsE3SIQLgRJJj7IIu28Cb%2FPOHU3WNu%2BIIcobuqB6NEDXR5dfCns8nhv%2FGtcyJI08MShcStpZ89gTgbiTUbeOYhjsPgo49s9HOsknY5scshj0P4kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b6919ee5a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54739

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4848 16 B
232 B 86ms
86ms Fetch
application/json 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-239-54.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 126ms
30ms Preflight 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 23 Oct 2021 22:10:17 GMT

GET
H2 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame 539D 35 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 21:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 23 Oct 2022 21:15:31 GMT

GET
H2 200 5689-this-guy-is-a-winner-ben-verlander-reacts-to-dusty-baker-and-the-astros-clinching-game-6-of-the-alcs-flippin-bats.png
all-news.co/wp-content/uploads/2021/10/ 143 KB
144 KB 228ms
228ms Image
image/png 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5689-this-guy-is-a-winner-ben-verlander-reacts-to-dusty-baker-and-the-astros-clinching-game-6-of-the-alcs-flippin-bats.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b597886e5ac4a0be6c44cee65435b1092041620af4988fa04a8be4564d15218f

Request headers

:path: /wp-content/uploads/2021/10/5689-this-guy-is-a-winner-ben-verlander-reacts-to-dusty-baker-and-the-astros-clinching-game-6-of-the-alcs-flippin-bats.png
pragma: no-cache
cookie: _ga=GA1.2.1304940241.1635027015; _gid=GA1.2.955610095.1635027015; _gat=1; __gads=ID=d3c2c9eecc32c255-2255c651ffca000e:T=1635027015:RT=1635027015:S=ALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 21:53:01 GMT
server: cloudflare
etag: "23c01-5cf0c26d222dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uySnncI9BL5laQyX3Rh6f9FFYht%2FpGRRIJcJwzDZN8M42kKvM1Un1hoYmu9iqbLdgV0cHXe7DbOlDlxraQoxcVEI%2F6Xpri6XJSawQPgiaeXFo1zyGlKw9M%2BgYitydorsS7rBzPA3%2FEDp5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b694a435a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 146433

GET
H2 200 5622-myanmar-decries-move-to-block-coup-leader-from-asean-summit-696x365.jpg
all-news.co/wp-content/uploads/2021/10/ 74 KB
74 KB 102ms
102ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5622-myanmar-decries-move-to-block-coup-leader-from-asean-summit-696x365.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b36a3b522b51736a601ae1b1c9bb2e8fa4954092227c06c23cd9b37f0b9b6cc

Request headers

:path: /wp-content/uploads/2021/10/5622-myanmar-decries-move-to-block-coup-leader-from-asean-summit-696x365.jpg
pragma: no-cache
cookie: _ga=GA1.2.1304940241.1635027015; _gid=GA1.2.955610095.1635027015; _gat=1; __gads=ID=d3c2c9eecc32c255-2255c651ffca000e:T=1635027015:RT=1635027015:S=ALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 20:48:28 GMT
server: cloudflare
etag: "1270f-5cf0b3ffde709"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9JDps%2BnpwviuCeI9a2nzJa%2F5CVGXgywoFPuCW6ArixW0PjFnj0ub%2F%2BWsK%2BggoDg9Sw02xBwsKIQTxlhw9DFiWBDqOK8Y1Oa35nrtOZ4F1XYfHIM4lgFpbcXP%2BWQdvA64CQNBQM6KWnaow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b69ab025a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75535

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9201 12 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 23 Oct 2021 19:33:26 GMT
expires: Sun, 23 Oct 2022 19:33:26 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6F42 783 B
999 B 29ms
29ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5b60c6f39cab7473ad9f7c7099a325a6dfed614a09784eee69890d8b9336cf86

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GQ90/LTW/baVybOvVoS5Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 23 Oct 2021 22:10:17 GMT
date: Sat, 23 Oct 2021 22:10:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-GQ90/LTW/baVybOvVoS5Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 5624-us-says-it-killed-al-qaeda-leader-in-syria-with-drone-strike-696x366.png
all-news.co/wp-content/uploads/2021/10/ 108 KB
108 KB 207ms
207ms Image
image/png 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5624-us-says-it-killed-al-qaeda-leader-in-syria-with-drone-strike-696x366.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c624e73c4c74da084d7cf042f017acac0a078d9d54426339fb32de26c5a9e31

Request headers

:path: /wp-content/uploads/2021/10/5624-us-says-it-killed-al-qaeda-leader-in-syria-with-drone-strike-696x366.png
pragma: no-cache
cookie: _ga=GA1.2.1304940241.1635027015; _gid=GA1.2.955610095.1635027015; _gat=1; __gads=ID=d3c2c9eecc32c255-2255c651ffca000e:T=1635027015:RT=1635027015:S=ALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 20:48:31 GMT
server: cloudflare
etag: "1afca-5cf0b4023e5b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5m01NDjAxG38HnkoKkmjJnX5ePYbvVJTe2xR5pmVa%2FE7zW3aIkoGdrnlT8zjwxpdyA8QMO83b6tt6xDrWRupe9XlDgBaG3wxxA%2F6J2oHN%2Fglui2QGmtd31R1gKBENBZAzfftf9BeNawPuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a2e4b6a1c1e5a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 110538

GET
H2 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9201 35 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 21:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 23 Oct 2022 21:15:31 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6F42 0
0 53ms
53ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=1784373347073069&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 5691-texas-am-vs-south-carolina-odds-line-college-football-picks-week-8-predictions-from-proven-computer-model-696x392.jpg
all-news.co/wp-content/uploads/2021/10/ 53 KB
54 KB 27ms
26ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5691-texas-am-vs-south-carolina-odds-line-college-football-picks-week-8-predictions-from-proven-computer-model-696x392.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7d028933cdf7658f6524b0d90787282e018d2937aa40c894e7b5509be6cf7a

Request headers

:path: /wp-content/uploads/2021/10/5691-texas-am-vs-south-carolina-odds-line-college-football-picks-week-8-predictions-from-proven-computer-model-696x392.jpg
pragma: no-cache
cookie: _ga=GA1.2.1304940241.1635027015; _gid=GA1.2.955610095.1635027015; _gat=1; __gads=ID=d3c2c9eecc32c255-2255c651ffca000e:T=1635027015:RT=1635027015:S=ALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54739
last-modified: Sat, 23 Oct 2021 21:54:58 GMT
server: cloudflare
etag: "d5d3-5cf0c2dc6b819"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pI7p2umMld91GAx5J4t4GF1egNDjpKuHh4UuxMtfTk1urJGMvmyKzUQjDZr2uGwhwAZ4zP1WJwFmPeO41oBVdhqOSs1F86K7XQ3qHI7Wx17JWyXT9rnwdUa9XBGAZrKCwafkYoiQTm6upA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a2e4b6a8d275a19-MXP

GET
H2 200 5622-myanmar-decries-move-to-block-coup-leader-from-asean-summit-696x365.jpg
all-news.co/wp-content/uploads/2021/10/ 74 KB
74 KB 31ms
31ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5622-myanmar-decries-move-to-block-coup-leader-from-asean-summit-696x365.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b36a3b522b51736a601ae1b1c9bb2e8fa4954092227c06c23cd9b37f0b9b6cc

Request headers

:path: /wp-content/uploads/2021/10/5622-myanmar-decries-move-to-block-coup-leader-from-asean-summit-696x365.jpg
pragma: no-cache
cookie: _ga=GA1.2.1304940241.1635027015; _gid=GA1.2.955610095.1635027015; _gat=1; __gads=ID=d3c2c9eecc32c255-2255c651ffca000e:T=1635027015:RT=1635027015:S=ALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75535
last-modified: Sat, 23 Oct 2021 20:48:28 GMT
server: cloudflare
etag: "1270f-5cf0b3ffde709"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEJAotgWogCK%2BSiEshTU67rAG%2F%2F0akyPKENZoyDOgTNNyKaDYXQ%2BTQ2p0XnpzB4U2ukVJ8%2FMM8l7jPmB3aFXjucWaOD9lhwei%2FyO%2Br8ras%2FOOXzJmwf7MEgbfdkKjyFYD998tp4O6YGDFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a2e4b6afe815a19-MXP

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame F108 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6917536991&adk=3184593537&adf=3675353251&pi=t.ma~as.6917536991&w=300&lmt=1635027017&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027017070&bpp=2&bdt=2390&idt=2&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3c2c9eecc32c255-2255c651ffca000e%3AT%3D1635027015%3ART%3D1635027015%3AS%3DALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C1600x1200%2C1005x124&nras=3&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=4296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&psts=AGkb-H_GgfpCSr1MfkUIbtBuTS7BGdXHtMToHS6sqAgSKThqWhW3JOUxGZ0ZLrWdInHWholcffNhTRLoBgGZTA%2CAGkb-H-9Ov92oCtLzn2ZZak9Z9jdgyXsSvwCSL-29P2A4qEkg5TPki_XSi75fBxSkW2_OLdh2XkV8rQrEpy-qUQK5azWzCI2znI6I7Q8KlQ%2CAGkb-H9_4R9KUl34A_b52Y-QK_XV57QE_Ic_yqZbQkU5ibQOnytiIfvRDmDDohIcg-cKF4UkeDvhRiEFNA&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=xxj7uQMSLR&p=https%3A//all-news.co&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 22:01:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F108 120 KB
37 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 22:10:17 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame F108 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 22:01:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F108 0
0 25ms
24ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSByMWs3H0O69p0mn8b_tnubu3PonBpww4RLcyOwI0UTMEsa6lVxYEJO74pChrJhm2jafkjb4upxCrtH4PBTtMv-DgSIg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6917536991&adk=3184593537&adf=3675353251&pi=t.ma~as.6917536991&w=300&lmt=1635027017&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027017070&bpp=2&bdt=2390&idt=2&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3c2c9eecc32c255-2255c651ffca000e%3AT%3D1635027015%3ART%3D1635027015%3AS%3DALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C1600x1200%2C1005x124&nras=3&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=4296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&psts=AGkb-H_GgfpCSr1MfkUIbtBuTS7BGdXHtMToHS6sqAgSKThqWhW3JOUxGZ0ZLrWdInHWholcffNhTRLoBgGZTA%2CAGkb-H-9Ov92oCtLzn2ZZak9Z9jdgyXsSvwCSL-29P2A4qEkg5TPki_XSi75fBxSkW2_OLdh2XkV8rQrEpy-qUQK5azWzCI2znI6I7Q8KlQ%2CAGkb-H9_4R9KUl34A_b52Y-QK_XV57QE_Ic_yqZbQkU5ibQOnytiIfvRDmDDohIcg-cKF4UkeDvhRiEFNA&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=xxj7uQMSLR&p=https%3A//all-news.co&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame F108 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CT3FxSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEvwFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZgwq8EvGc3Q1u6C2_CHP1ODH3IAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=PAZSB8qnnjI&uach_m=[UACH]&cid=CAQSPACNIrLMitFASLJ3xCDBGUeVG5JXiY5xHGU7ISJnS7Jvdr2aGU35lxtNdKZ4YutXj_2DSab_UalCnCIEHxgB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6917536991&adk=3184593537&adf=3675353251&pi=t.ma~as.6917536991&w=300&lmt=1635027017&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027017070&bpp=2&bdt=2390&idt=2&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3c2c9eecc32c255-2255c651ffca000e%3AT%3D1635027015%3ART%3D1635027015%3AS%3DALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C1600x1200%2C1005x124&nras=3&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=4296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&psts=AGkb-H_GgfpCSr1MfkUIbtBuTS7BGdXHtMToHS6sqAgSKThqWhW3JOUxGZ0ZLrWdInHWholcffNhTRLoBgGZTA%2CAGkb-H-9Ov92oCtLzn2ZZak9Z9jdgyXsSvwCSL-29P2A4qEkg5TPki_XSi75fBxSkW2_OLdh2XkV8rQrEpy-qUQK5azWzCI2znI6I7Q8KlQ%2CAGkb-H9_4R9KUl34A_b52Y-QK_XV57QE_Ic_yqZbQkU5ibQOnytiIfvRDmDDohIcg-cKF4UkeDvhRiEFNA&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=xxj7uQMSLR&p=https%3A//all-news.co&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 23 Oct 2021 22:10:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame F108 0
0 344ms
289ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kd41adzc0wkr178mx06zybfzaymf06xjkvfsjkh05mhw5pqvazp7gz1myxwv0v0gamwdhzwdyr03pdkh4pxyv516d6fe3tcap7tc26a9bfz6cnvwfy54knc52khfjm35qbv86jzc2bstdbm8m8kvbbkypqrp4x5y2gd1rdj24w95p6nq1qwcwqc4eb3bnzav2gbbajn25zbpxvdntz07qj1zm9a2vx8y05hnmc0kxs0ae6x3n9z8z057ept80wagc68f4n09pbey2g0sqc5j7frbhfm7bxhje3fymkq16qw85jt7c702eqrb6ndwpk0tbtx7sdw48ty26j39ycmt6jwyepeqm4rcrsq3b53zfd190x4f4f5x1rh9620ecerwcgfgeb5y0jwp0j5&b=YXSISQABhH0K4DHRAA7hayZg2_EfbZGJIuSz5A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6917536991&adk=3184593537&adf=3675353251&pi=t.ma~as.6917536991&w=300&lmt=1635027017&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027017070&bpp=2&bdt=2390&idt=2&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3c2c9eecc32c255-2255c651ffca000e%3AT%3D1635027015%3ART%3D1635027015%3AS%3DALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C1600x1200%2C1005x124&nras=3&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=4296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&psts=AGkb-H_GgfpCSr1MfkUIbtBuTS7BGdXHtMToHS6sqAgSKThqWhW3JOUxGZ0ZLrWdInHWholcffNhTRLoBgGZTA%2CAGkb-H-9Ov92oCtLzn2ZZak9Z9jdgyXsSvwCSL-29P2A4qEkg5TPki_XSi75fBxSkW2_OLdh2XkV8rQrEpy-qUQK5azWzCI2znI6I7Q8KlQ%2CAGkb-H9_4R9KUl34A_b52Y-QK_XV57QE_Ic_yqZbQkU5ibQOnytiIfvRDmDDohIcg-cKF4UkeDvhRiEFNA&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=xxj7uQMSLR&p=https%3A//all-news.co&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Oct 2021 22:10:17 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 581E 2 KB
3 KB 95ms
42ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gtfszakm9cggf5sz44djsaxqhafy13rn2ammd1dgnj00wr1sw32zdqg8v90s7skrrgtm20ydragnc198nzp75bbmqnn99fv5qwdw1jmckx46vxg6ke8bppxfkm41wnz5m3079vy7rgmn43a52yb6r5sxg4a0mb7cacxtf768ah620atxvdxdgcvn52p3de3ws7jepsap5vyvxxnd3yzc6skabzhb4sqwrkqvd7zh27n38cbqdm5ev0c45bh4mpg4sjeed56dfccy787grg3b4x83ybrdba6eptyg1bynr544qcmjskwf374h7946rtp4kgrb8jprbyhkynmzd81ce7dz4drckpygcbbdrcjq2zepcpf64vk20hr2ft4ct3c45b9549asfkp0zsp9pgb305nj4k9cd52xx3dz54ah3xqpbd45b8rj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%26client%3Dca-pub-8439024877331049%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63927600d6ca7285399240eec99440984e379e31dc587e6127a5c20d77736b77

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1gtfszakm9cggf5sz44djsaxqhafy13rn2ammd1dgnj00wr1sw32zdqg8v90s7skrrgtm20ydragnc198nzp75bbmqnn99fv5qwdw1jmckx46vxg6ke8bppxfkm41wnz5m3079vy7rgmn43a52yb6r5sxg4a0mb7cacxtf768ah620atxvdxdgcvn52p3de3ws7jepsap5vyvxxnd3yzc6skabzhb4sqwrkqvd7zh27n38cbqdm5ev0c45bh4mpg4sjeed56dfccy787grg3b4x83ybrdba6eptyg1bynr544qcmjskwf374h7946rtp4kgrb8jprbyhkynmzd81ce7dz4drckpygcbbdrcjq2zepcpf64vk20hr2ft4ct3c45b9549asfkp0zsp9pgb305nj4k9cd52xx3dz54ah3xqpbd45b8rj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%26client%3Dca-pub-8439024877331049%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2e4b6b8c1b3762-MXP
content-encoding: br

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CEC2 1 KB
845 B 14ms
14ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Oct 2021 18:26:41 GMT
expires: Sun, 24 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 13416
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 5689-this-guy-is-a-winner-ben-verlander-reacts-to-dusty-baker-and-the-astros-clinching-game-6-of-the-alcs-flippin-bats.png
all-news.co/wp-content/uploads/2021/10/ 143 KB
143 KB 26ms
25ms Image
image/png 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5689-this-guy-is-a-winner-ben-verlander-reacts-to-dusty-baker-and-the-astros-clinching-game-6-of-the-alcs-flippin-bats.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b597886e5ac4a0be6c44cee65435b1092041620af4988fa04a8be4564d15218f

Request headers

:path: /wp-content/uploads/2021/10/5689-this-guy-is-a-winner-ben-verlander-reacts-to-dusty-baker-and-the-astros-clinching-game-6-of-the-alcs-flippin-bats.png
pragma: no-cache
cookie: _ga=GA1.2.1304940241.1635027015; _gid=GA1.2.955610095.1635027015; _gat=1; __gads=ID=d3c2c9eecc32c255-2255c651ffca000e:T=1635027015:RT=1635027015:S=ALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 146433
last-modified: Sat, 23 Oct 2021 21:53:01 GMT
server: cloudflare
etag: "23c01-5cf0c26d222dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FMaru7Z4RivB6lSVBs%2Fnj%2Bw7KI6AALFlIH9tL2Mw1B1zDaoSrei9AmH8nlN%2FK2ovZCnhWF%2BYHJ1bvU0nG6rrJ2bp6VPckxLC4HOu%2FkV%2B0mk%2BFRyJcacp%2B8UqfU34CYpSyR78NVOxYVCLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a2e4b6b3f5e5a19-MXP

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 51ms
49ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=1784373347073069&bg=!TU6lTgrNAAbUs_yW1LM7ACkAdvg8Wu_HtOJ_4t9TmEKrZ1wNK1dEwXRplw6EbjxET7PMKBwSgGJIEwIAAAB1UgAAABpoAQeZArlu9-B8iOa-Gf-ErSQBr6pmZIBDwlerVTe_1HrO-39rwL6i6FY18nkn78WQQHxy7x7ZBchL0tQ7KK954f4NzAs1rs_x63UPyU3en2qjqcxQtQPJ5HxI5497ru86kCfIvXzJw6UXY5XKJUDDPccOVO0R358wubpzJjDZjBWIt4eC3BkDqO0Ju68NI6U6iU_WuvNJ7UnJJyi1TCtYCpOKsm6D8RJTC63_FD_o_1ZC10PaIFW4yFoa8FdDpauU-5nh0mYs7hAZ9LE_--Bjz_ErusV8BHpGkfToaOqGtcvtmyoYTE_a43D0BzXujJ2DRgssQsqxA_DSswWZuCdFBHKQXvpHGhK0npUHn9d6KGSM1sIAe0yU5XcccTLvZXYmkbOvDnM6zetN-GRJL_lQQmL_mJIiX1iBeY7tbuXSl-MeoMkKWTT2ypJKsX4Nhss_B08R1YCuZYlB7H7RAKXATfL-dfjw7dQNEQhQ9ZXhg5kCQahvQdCqvakErlNb5PPQcgP-VuUje1HG-K3e4sE5Emsaj20hypTb-AeNeQzSbClFlUw4NDp3APEgvi1L4N-CsC0KYAawfhS-J0uiedte2qHN1-gt8wqezhYL6dIMGUiv26kHnQkuq77bu34Sq7TvVENJAFW7yWbfSqwR-QQuMJpwDnJg3MH2VlXgBDKpWFrncX9qn7wBzCDttadVLmoKgNDyRc3akLcjtkzZ3vv42aI_DTLxtFU1m3NB9taU2D5bPtQJRlE96H7DCoK7y2T2QLob0IccBA9TJgB_NNlXADtAhjEDIlequL_OReUt_kHW_moLABPLhDtx5GOSPfgolhxCdh0CNFCmcOLfJu3xmF2_aJr6MVCtPJs75w1E-s7ABDvHjkj0NDW6ymA9gmduG8Vg4n67foOmf7YQjBctzSbHfNrJa8vRR2p1Xy8F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 22:10:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame CEC2 35 B
463 B 46ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFg0c6SP4Znk6v8isUufOVk&google_cver=1&google_push=AYg5qPKKo7tv09GJBN09vrhy8sb11RuOMFWj0kHs9fOysfvjC1XK-CxknVg-CNImxqsvdHFyuMWzcrl2f2figt0h7t0XbIsBZ3y1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 22:10:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CEC2
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEGjfqxwSjeSjZP4RP0-Pb1w&google_cver=1&google_push=AYg5qPKemv89ymCP9C4kyaXgvOkj-GXLBSzrUt3YWisxBHqn4vjoYD76JiwuhbN_cfpgjAxFxf9s1NmvMsg1gWkkxtrz2PrCQna9
https://rtb.openx.net/sync/dds?google_gid=CAESEGjfqxwSjeSjZP4RP0-Pb1w&google_cver=1&google_push=AYg5qPKemv89ymCP9C4kyaXgvOkj-GXLBSzrUt3YWisxBHqn4vjoYD76JiwuhbN_cfpgjAxFxf9s1NmvMsg1gWkkxtrz2PrCQna9&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKemv89ymCP9C4kyaXgvOkj-GXLBSzrUt3YWisxBHqn4vjoYD76JiwuhbN_cfpgjAxFxf9s1NmvMsg1gWkkxtrz2PrCQna9&google_hm=QkiL-XSfzzQBTUj9a2USEg==

170 B
188 B

31ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKemv89ymCP9C4kyaXgvOkj-GXLBSzrUt3YWisxBHqn4vjoYD76JiwuhbN_cfpgjAxFxf9s1NmvMsg1gWkkxtrz2PrCQna9&google_hm=QkiL-XSfzzQBTUj9a2USEg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 22:10:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 22:10:16 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKemv89ymCP9C4kyaXgvOkj-GXLBSzrUt3YWisxBHqn4vjoYD76JiwuhbN_cfpgjAxFxf9s1NmvMsg1gWkkxtrz2PrCQna9&google_hm=QkiL-XSfzzQBTUj9a2USEg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 9k84pcgbl36b7kaurnu8dpe4p0fq3sv5

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CEC2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ng99QjDCTDexqS8Ivqhdog%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ng99QjDCTDexqS8Ivqhdog%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ3UvQvL7f_FpCl8fTcf5-2Mv3mEPK_rIsPsYKozKZ3YXU8vW4Itb4BWPQ9pH_zQnlLi9dXrvv5MWDEKW0frDn4DNe19oww

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 22:10:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ng99QjDCTDexqS8Ivqhdog%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ3UvQvL7f_FpCl8fTcf5-2Mv3mEPK_rIsPsYKozKZ3YXU8vW4Itb4BWPQ9pH_zQnlLi9dXrvv5MWDEKW0frDn4DNe19oww
date: Sat, 23 Oct 2021 22:10:15 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CEC2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENWEk7Q4o_Q0aMsAmdZ3rRY&google_cver=1&google_push=AYg5qPIYdIbPK54FMvcVCnvYuFN2Rj3y0IMFVTKDCd-65o3sta0DzsPTvnEMOA5eCrI7fXa24j-...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0Q1ZDWTMtOC1HNFpR&google_push=AYg5qPIYdIbPK54FMvcVCnvYuFN2Rj3y0IMFVTKDCd-65o3sta0DzsPTvnEMOA5eCrI7fXa24j-OSGzxm9u5-mUu1xeW_eO4UKbd

170 B
329 B

21ms
21ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0Q1ZDWTMtOC1HNFpR&google_push=AYg5qPIYdIbPK54FMvcVCnvYuFN2Rj3y0IMFVTKDCd-65o3sta0DzsPTvnEMOA5eCrI7fXa24j-OSGzxm9u5-mUu1xeW_eO4UKbd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 22:10:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0Q1ZDWTMtOC1HNFpR&google_push=AYg5qPIYdIbPK54FMvcVCnvYuFN2Rj3y0IMFVTKDCd-65o3sta0DzsPTvnEMOA5eCrI7fXa24j-OSGzxm9u5-mUu1xeW_eO4UKbd
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame CEC2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECWf3zldIXGVM9C2esYDVrw&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_Lr...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame CEC2 43 B
297 B 740ms
180ms Image
image/gif 2600:1f14:d24:9302:439e:399b:f2d2:b482
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJJ5YZHunwf-rWuLpVwNyS8&google_cver=1&google_push=AYg5qPI7tws41rdMO0Zwd4BGz11dTwllDhZWL_9k6WBFLftyxp7E9cwFydLE2fRYmmKAOs1w5TwNo7jH8QuNn8JCsBjbeZ87bKaX
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6917536991&adk=3184593537&adf=3675353251&pi=t.ma~as.6917536991&w=300&lmt=1635027017&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027017070&bpp=2&bdt=2390&idt=2&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3c2c9eecc32c255-2255c651ffca000e%3AT%3D1635027015%3ART%3D1635027015%3AS%3DALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g&prev_fmts=0x0%2C728x90%2C300x250%2C300x250%2C1600x1200%2C1005x124&nras=3&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=650&ady=4296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&psts=AGkb-H_GgfpCSr1MfkUIbtBuTS7BGdXHtMToHS6sqAgSKThqWhW3JOUxGZ0ZLrWdInHWholcffNhTRLoBgGZTA%2CAGkb-H-9Ov92oCtLzn2ZZak9Z9jdgyXsSvwCSL-29P2A4qEkg5TPki_XSi75fBxSkW2_OLdh2XkV8rQrEpy-qUQK5azWzCI2znI6I7Q8KlQ%2CAGkb-H9_4R9KUl34A_b52Y-QK_XV57QE_Ic_yqZbQkU5ibQOnytiIfvRDmDDohIcg-cKF4UkeDvhRiEFNA&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=xxj7uQMSLR&p=https%3A//all-news.co&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:d24:9302:439e:399b:f2d2:b482 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 22:10:18 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CEC2
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPHpXbO_9JrMvEPNo4uldyE&google_cver=1&google_push=AYg5qPKfJz9oNGGsY_8Za3n-...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKfJz9oNGGsY_8Za3n-s8lLFULFV-AzguzQjQk4Vne7qW9ulSCVjRJa-eR5lnPFTeY_oOE2tkn9pv091tVDkYV7sd78GLvOEQ&google_hm=

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKfJz9oNGGsY_8Za3n-s8lLFULFV-AzguzQjQk4Vne7qW9ulSCVjRJa-eR5lnPFTeY_oOE2tkn9pv091tVDkYV7sd78GLvOEQ&google_hm=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 22:10:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 22:10:17 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKfJz9oNGGsY_8Za3n-s8lLFULFV-AzguzQjQk4Vne7qW9ulSCVjRJa-eR5lnPFTeY_oOE2tkn9pv091tVDkYV7sd78GLvOEQ&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 22 Oct 2021 22:10:17 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CEC2 0
194 B 54ms
16ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOWy5mRgGyWKdI-c7LwfitthftzIN8f5csl6uhACBqN6wzjg4CqHbm1d_tQ_FCKCV5S-ygcQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame F108 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b643faf22943b24fa71a207193d45b039ee76631df779926a125666c229303e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 581E 64 KB
8 KB 336ms
34ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gtfszakm9cggf5sz44djsaxqhafy13rn2ammd1dgnj00wr1sw32zdqg8v90s7skrrgtm20ydragnc198nzp75bbmqnn99fv5qwdw1jmckx46vxg6ke8bppxfkm41wnz5m3079vy7rgmn43a52yb6r5sxg4a0mb7cacxtf768ah620atxvdxdgcvn52p3de3ws7jepsap5vyvxxnd3yzc6skabzhb4sqwrkqvd7zh27n38cbqdm5ev0c45bh4mpg4sjeed56dfccy787grg3b4x83ybrdba6eptyg1bynr544qcmjskwf374h7946rtp4kgrb8jprbyhkynmzd81ce7dz4drckpygcbbdrcjq2zepcpf64vk20hr2ft4ct3c45b9549asfkp0zsp9pgb305nj4k9cd52xx3dz54ah3xqpbd45b8rj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%26client%3Dca-pub-8439024877331049%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gtfszakm9cggf5sz44djsaxqhafy13rn2ammd1dgnj00wr1sw32zdqg8v90s7skrrgtm20ydragnc198nzp75bbmqnn99fv5qwdw1jmckx46vxg6ke8bppxfkm41wnz5m3079vy7rgmn43a52yb6r5sxg4a0mb7cacxtf768ah620atxvdxdgcvn52p3de3ws7jepsap5vyvxxnd3yzc6skabzhb4sqwrkqvd7zh27n38cbqdm5ev0c45bh4mpg4sjeed56dfccy787grg3b4x83ybrdba6eptyg1bynr544qcmjskwf374h7946rtp4kgrb8jprbyhkynmzd81ce7dz4drckpygcbbdrcjq2zepcpf64vk20hr2ft4ct3c45b9549asfkp0zsp9pgb305nj4k9cd52xx3dz54ah3xqpbd45b8rj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 207294
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2e4b6dcf573762-MXP
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 581E 36 KB
13 KB 45ms
36ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gtfszakm9cggf5sz44djsaxqhafy13rn2ammd1dgnj00wr1sw32zdqg8v90s7skrrgtm20ydragnc198nzp75bbmqnn99fv5qwdw1jmckx46vxg6ke8bppxfkm41wnz5m3079vy7rgmn43a52yb6r5sxg4a0mb7cacxtf768ah620atxvdxdgcvn52p3de3ws7jepsap5vyvxxnd3yzc6skabzhb4sqwrkqvd7zh27n38cbqdm5ev0c45bh4mpg4sjeed56dfccy787grg3b4x83ybrdba6eptyg1bynr544qcmjskwf374h7946rtp4kgrb8jprbyhkynmzd81ce7dz4drckpygcbbdrcjq2zepcpf64vk20hr2ft4ct3c45b9549asfkp0zsp9pgb305nj4k9cd52xx3dz54ah3xqpbd45b8rj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date: Sat, 23 Oct 2021 22:10:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38603
x-guploader-uploadid: ADPycdssgtDybDMCtFL9SRSi9c7Mvy8WBvZnIxUZ5vt336Ojqg1JwNtF1baLFgLfwmXuakrK6VQy85zWt01jGE3qrl4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:26:36 GMT
server: cloudflare
etag: W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=908jynV8Ght5YxMnF4w97yDRtAgPePq9CKiIA%2FjYtlE%2FqluCwbTlcfzQN2HZoARgB%2F6rMFzQnl2KLXiYuvL%2FfZC8ugTUqBC0BXmjFhB6xxjf9F5w65GaNn%2Bxwbxl1UykhhWXMxs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634729196057447
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11922
cf-ray: 6a2e4b6bfca83762-MXP
expires: Sat, 23 Oct 2021 11:26:54 GMT

GET
H2 200 5624-us-says-it-killed-al-qaeda-leader-in-syria-with-drone-strike-696x366.png
all-news.co/wp-content/uploads/2021/10/ 108 KB
108 KB 31ms
31ms Image
image/png 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/10/5624-us-says-it-killed-al-qaeda-leader-in-syria-with-drone-strike-696x366.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c624e73c4c74da084d7cf042f017acac0a078d9d54426339fb32de26c5a9e31

Request headers

:path: /wp-content/uploads/2021/10/5624-us-says-it-killed-al-qaeda-leader-in-syria-with-drone-strike-696x366.png
pragma: no-cache
cookie: _ga=GA1.2.1304940241.1635027015; _gid=GA1.2.955610095.1635027015; _gat=1; __gads=ID=d3c2c9eecc32c255-2255c651ffca000e:T=1635027015:RT=1635027015:S=ALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 110538
last-modified: Sat, 23 Oct 2021 20:48:31 GMT
server: cloudflare
etag: "1afca-5cf0b4023e5b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acIkP5IT4YXQKrVO1ybm%2BAaLODdiI1LFcOgJUVg9DAeYU%2B9TuII8sRZCVg%2Bc7ZBXGFCxmwHuqM%2FFAI%2FyrCvb1xgs5w3GU8nTELlqrHhq8ATAZmXU5iRo7aDnuOD5NjIpiI3lDfSFThuxBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a2e4b6bf91a5a19-MXP

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7B72 42 B
174 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRCh8Wqh-QDyGiF04229aYWFC7hko69WeEnFBw6xKDwGTWJsTezN_d1cfNrdE4LEmsJJMIL3JJHEvvUEG4Q8IiJjGNoNkWQ1lFnyOhY-3mOu2clKabHg&sai=AMfl-YSsGdtpapEkbKwe1p4HmRcd4V_6V1sWFiU_vWNrSFnm45RqjxXDYXrG-2iJuQe1sYt9BnovQKMK37nZ&sig=Cg0ArKJSzDB4dTvkJygWEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2672234074&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635027015422&rpt=1270&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 22:10:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 581E 3 KB
4 KB 41ms
13ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sat, 23 Oct 2021 22:10:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3527422
x-guploader-uploadid: ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SwW9DnDeHOP5GtkMwoQKd2MolOhf%2FCiGvc3g%2F25s8qxz5S9lUqv6jSvedpy5Ge3drvI4EqDJmZ5W%2Fqfp5KKGHlMtY3VF4E8KUOpuQDflHeu36VyD0c8%2BMeii9YnIQnaK4LW8lR2bY8%2BY4F2rQTonKwJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6a2e4b6e2d8c4dee-FRA
expires: Tue, 13 Sep 2022 02:19:55 GMT

GET
H2 200 frame.html Show response
ad4m.at/ Frame ED10 2 KB
1 KB 335ms
33ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 23 Oct 2021 22:10:18 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunb5fYC1m9dNhoGuLTimCjdDaVqkoUDGHrVfXuZTyYr3a8CcMkqhbUjJyyjLrzIb6bHKjqGO5shRDOMqSBEM1ez9YqVQ
expires: Sat, 23 Oct 2021 23:10:18 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 360930
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFkDO4zgB%2BiCpHxISHNikS%2B5kxYsTSN4DQXyEcVpAOA4j6sH2jsAClxMWDCCl0o2K3229UQ%2Be%2BF%2Ft4LeKk7%2FHUIbvu7MTurP6RXVm6AiY1uYb1ADSqRG6Ac7kqtVr0E3mWL8bGg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a2e4b6ffaaa3762-MXP
content-encoding: br

POST
H2 200 rs Show response
ad4m.at/ Frame 581E 1 KB
1 KB 48ms
48ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d83d23c9355213c563f823cc226b1b5c63995f1a8677834ddcac4970ee338c2

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6a2e4b70dcd83760-MXP
date: Sat, 23 Oct 2021 22:10:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBuYCZGl%2BBlp8KSA9PUbDOEw46%2BfUo45X1vCXJtKBB576wjhAAmX1J0NeAPHW2dBTpRnI2qYsSZqA5JIjFceE%2FFmIiFXEic7REQVfoG4LTme6KgPMdH18I9%2BDJ1MprtnIzBrzRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-7nvj

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 94ms
50ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 23 Oct 2021 22:10:18 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-7nvj
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e02xV3VRmYtvKuHz0Vi94Nv0T2chFVIxsuB5uUGRmT3b7Lkag3F0PKiw5z0QaGJN8a%2BVAk0arrnourGfNaecZhXspgal%2FbTKEMzbIRn%2F93IFuUoV6RQ2T09DZR8AAXHRBfO2fB8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2e4b708c123760-MXP

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame C021 7 KB
4 KB 40ms
40ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53bfb4fef4f5f9ea912e4002f8e0e6dab6ed65a252fb289280fe4f2958cf3398

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1gtfszakm9cggf5sz44djsaxqhafy13rn2ammd1dgnj00wr1sw32zdqg8v90s7skrrgtm20ydragnc198nzp75bbmqnn99fv5qwdw1jmckx46vxg6ke8bppxfkm41wnz5m3079vy7rgmn43a52yb6r5sxg4a0mb7cacxtf768ah620atxvdxdgcvn52p3de3ws7jepsap5vyvxxnd3yzc6skabzhb4sqwrkqvd7zh27n38cbqdm5ev0c45bh4mpg4sjeed56dfccy787grg3b4x83ybrdba6eptyg1bynr544qcmjskwf374h7946rtp4kgrb8jprbyhkynmzd81ce7dz4drckpygcbbdrcjq2zepcpf64vk20hr2ft4ct3c45b9549asfkp0zsp9pgb305nj4k9cd52xx3dz54ah3xqpbd45b8rj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%26client%3Dca-pub-8439024877331049%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gtfszakm9cggf5sz44djsaxqhafy13rn2ammd1dgnj00wr1sw32zdqg8v90s7skrrgtm20ydragnc198nzp75bbmqnn99fv5qwdw1jmckx46vxg6ke8bppxfkm41wnz5m3079vy7rgmn43a52yb6r5sxg4a0mb7cacxtf768ah620atxvdxdgcvn52p3de3ws7jepsap5vyvxxnd3yzc6skabzhb4sqwrkqvd7zh27n38cbqdm5ev0c45bh4mpg4sjeed56dfccy787grg3b4x83ybrdba6eptyg1bynr544qcmjskwf374h7946rtp4kgrb8jprbyhkynmzd81ce7dz4drckpygcbbdrcjq2zepcpf64vk20hr2ft4ct3c45b9549asfkp0zsp9pgb305nj4k9cd52xx3dz54ah3xqpbd45b8rj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%26client%3Dca-pub-8439024877331049%26adurl%3D

Response headers

date: Sat, 23 Oct 2021 22:10:18 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2e4b712c483762-MXP
content-encoding: br

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame C021 64 KB
8 KB 34ms
34ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 22:10:18 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 207295
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2e4b718cca3762-MXP
cf-bgj: minify

GET
H2 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame C021 12 KB
13 KB 51ms
41ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Sat, 23 Oct 2021 22:10:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1401753
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdvHFfepTyXgElqCwfEv8ilhGYBn7KAOShrTJaFyE-g5kU_fpRoq0ZNbyXVmO7Q2fzhiUBZhL0wCnVvcXBOU-g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y13wkLy4UOT38DWRzIfxytfuF3kSeDoorKChKelgPX0a4oVTrCEGkPW4UBIdM0%2F8ol4XGlq0bWiLWW4tSVuoRPpLhxnMNcbmhRkzVNM2Xs6RPKUVDXCWvu4QStr2rasNXAaE0YWoiCO7Yzy8"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Sun, 24 Oct 2021 22:10:18 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 6a2e4b719cdc3762-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame C021 10 KB
11 KB 50ms
40ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Sat, 23 Oct 2021 22:10:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1394964
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdt8Y95Et5IY97KEQ9RlbO4UALD4MGHVU2t6CW3wbHXMFTmjmvHC2UnxK65ILn_4WqBQ189m75-6Fk4X2XmPcg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIoQMhlcGut8kw%2F6A8ifgiv7tGEuPy1vbaa%2BwmNIAjiTNeF8o%2Bcrvkt2FKrH4ZthrR7742n9WW6mqLOU2i%2B%2BwIgDajGjznwMCN0V5R%2B4UZaxtWYGmmDtWkxz0f04O7tSPaSX7%2BsBaX7L0zmp"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Sun, 24 Oct 2021 22:10:18 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 6a2e4b719cdd3762-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame C021 8 KB
9 KB 38ms
29ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Sat, 23 Oct 2021 22:10:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276634
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdv3Bl391Lk_FL0-T0dy60JRxKVTQ0GJL_A5KexyzsEP0bvHC3VXNyRH8cgXHsQPvTDY5iHk2Nq2sR1xUPntVTQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIijMPYfAtiJE1B0RJNWzQ6Jvn40zVIMnPnD42aeGfgZQfxQlG%2BOZM9ye2XE5eW4Z%2F3ZaCn3Ts2plY8nKOmcvB7l%2F9EuHLqgxMX23TCQnb7kBIJaTOpHj6t8TEoOph%2FMNaPsDgNsd7mC8Lo8"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Sun, 24 Oct 2021 22:10:18 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6a2e4b719cdf3762-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame C021 30 KB
30 KB 38ms
29ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Sat, 23 Oct 2021 22:10:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517247
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdtysvP5UaUnxtM9s3dDi351IODCeYkbthcilO01IkPZ71fj33VizA-aw4ErFY43vKRn2XCtHSGa9W7wRMRXUgw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvoDZPrI10%2Fi0gr8LJrZ0BejFcdZ4eUk9L1NH7ELIPDmmz1mF8fHFkyqMB1mAinC2utV%2BLL5pJLoekn7pdlSV%2FvRAvlZEngjUI%2F%2FLxQzGj2Qm6%2B%2Bh%2BwzKvyKeQwwRUGX02PnxhO9a6p%2FcR9R"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Sun, 24 Oct 2021 22:10:18 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 6a2e4b719ce03762-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame C021
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJiOiqXG4fMCFU6L_QcdKwcBEw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidm97952zIPQKk-w8ej53P1GBXPEzbX1CWasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635027018_01e60cf1-344e-11ec-b9be-2230dce87953

0
518 B

53ms
11ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635027018_01e60cf1-344e-11ec-b9be-2230dce87953
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 22:10:18 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sat, 23 Oct 2021 22:10:18 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635027018_01e60cf1-344e-11ec-b9be-2230dce87953
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
assets.ad4m.at/logo/ Frame C021 6 KB
7 KB 49ms
41ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=zQSWoA==, md5=JshO+ccZ9c9hWnmahmfS4A==
date: Sat, 23 Oct 2021 22:10:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1396653
cf-polished: origFmt=png, origSize=17428
x-guploader-uploadid: ADPycdsXHc7rhMkiRzSW-LFDtch_6DPgrrAvmmz_YJ1XzV3oVyBeI09Hw9b9TeCxD44jWGG-eZD_6aEAsCCpXC5LLS4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6390
last-modified: Wed, 18 Aug 2021 10:34:33 GMT
server: cloudflare
etag: "26c84ef9c719f5cf615a799a8667d2e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tk2DevkZMBsU3cRt4x6K%2BYnIaUHf0Fu%2BDVmagHCliaMfM%2BiZSqa3%2B%2FiJFhFHVXzZRETXjX0v8fhEOJ9cJyF0FSLfBFmVQ19Bzbztp4%2B48iCAmPzl5BsrLyhh2CzUCJumKcg2BBniQZ3xbj32"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629282873725600
content-type: image/webp
expires: Sun, 24 Oct 2021 22:10:18 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 17428
accept-ranges: bytes
cf-ray: 6a2e4b719ce13762-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
assets.ad4m.at/product_image/ Frame C021 28 KB
29 KB 34ms
25ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=nSkqBw==, md5=bZJ3Zgn8rj01Yns5h/mx5Q==
date: Sat, 23 Oct 2021 22:10:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 275902
cf-polished: qual=85, origFmt=jpeg, origSize=82379
x-guploader-uploadid: ADPycdsKmtbzIHLTapg-K2sDZmTBfl2AhdhxA99H0fcXyWotUULB74XWZ-Gl3uWeAujQjI8UFTLqQPfyYIt-EVLPBQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28448
last-modified: Tue, 03 Aug 2021 12:47:14 GMT
server: cloudflare
etag: "6d92776609fcae3d35627b3987f9b1e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDW3nh4hexKoI6VfgEs%2FWyF5XT61NntEfxdikA6dUt894z0BtppPXZmP6Tp0LfPvIqdkITZD8d1yzYxdBVaA6gU8CdnEYmNTe96VcRBoiDudnycebVOEyxc33gI9GfbyYBtPktxb%2BR2%2Fwc%2FN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1627994834652806
content-type: image/webp
expires: Sun, 24 Oct 2021 22:10:18 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 82379
accept-ranges: bytes
cf-ray: 6a2e4b719cde3762-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 tsv
neso.r.niwepa.com/ts/i5542019/ Frame C021 43 B
463 B 112ms
21ms Image
image/gif 35.187.117.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neso.r.niwepa.com/ts/i5542019/tsv?amc=adnetworks.blbn.455799.471580.CRTJDe7y2sn&smc1=oneid5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1oneid__asuidm97952zIPQKk-w8ej53P1GBXPEzbX1CWasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.187.117.15 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.117.187.35.bc.googleusercontent.com

Software

nginx/1.13.9 /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 22:10:18 GMT
last-modified: Sat, 23 Oct 2021 22:10:18 GMT
server: nginx/1.13.9
p3p: policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame C021 1 KB
2 KB 150ms
105ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidm97952zIPQKk-w8ej53P1GBXPEzbX1CWasuid&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidm97952zIPQKk-w8ej53P1GBXPEzbX1CWasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 926f5bf5a62ef629ef55f3be7a1a69cb1b10d2ec31cb5c2c1969fdc5ab3e209e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 22:10:18 GMT
Last-Modified: Sat, 23 Oct 2021 22:10:18 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1395
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame C021 51 KB
51 KB 9ms
8ms Script
application/javascript 18.66.97.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidm97952zIPQKk-w8ej53P1GBXPEzbX1CWasuid&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidm97952zIPQKk-w8ej53P1GBXPEzbX1CWasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 e44e0b24e706487eaec6b9e01f2166dd.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 60140
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 23 Oct 2021 05:27:58 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: j1gNMEbajLaNSog2x3JIGhpUU9x9P5yKebxjZOaycLRSmHhnpGVSpA==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame C021 25 KB
26 KB 79ms
27ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidq7ZumfWfE5qUKCgHDtJtMb5hPT3tAzqu3oneid__asuid2CazFAfrMYxkk0Bi4jzXssxiTPYpLl9Zasuid&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=m97952zIPQKk-w8ej53P1GBXPEzbX1CW&g=13bb58b3f4a2ed3d919ba4372703f0d4%2F5422748421351780905&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635027018378&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hnerydeck6rc25x0frkbwc7fzzj0j1d5smemb49hh9fr01t1ge49yjc27thd3mf480xe77fgjzn2f2c3tz7e2a0avtrf1qf2qs15d9txrx4cyfast3rkthvq6jbb9b0p3twv4v3cc9rdjzcgamg7v27n7kjffa0xgnzdyx6m5wtmfvbw7vrv77k4hkgy5b0szs5e2ccsb8qe74yxh537dear97a5y3dghygtxs3hq0c3hjwxqneswpv2j4gfpm218fj7np4nky0xyvdq120%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsBYGSYh0Yf2IBtHjgAfrwruACJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQLc2A5wtYmzPqgDAaoEwgFP0JccoJ3c8Qx0gbIdgOdET_1aW6fEdAL8CuJQLwQJzpTftgj_QERRfM2LutFvsAUoVXVa2PapJJTBvqlyZpDo-fbxMTfUehpwVnnDIzt-J9NumkhT4xZfFgA3a-dcrchOO4Iq83ZYIZ8JZH2T2evB5LvElRYogECmhouwlVPmnLxlfZ2PkbFaMgFfnoSp8mvl6Jth03EXNW6WSdgosvGqmSbEB7BKm7DxAj_iZk4o_dkRpvN1cyf-avuGRhL-yBvIL4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2oIT4bDjgVERhtNSjogPPv2fEa9Q%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 22:10:18 GMT
Last-Modified: Sat, 23 Oct 2021 22:10:18 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame C021 16 B
232 B 85ms
85ms Fetch
application/json 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-239-54.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Oct 2021 22:10:19 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 29ms
29ms Preflight 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 23 Oct 2021 22:10:19 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 204 unip Show response
trc-events.taboola.com/1400286/log/3/ 0
242 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1400286/log/3/unip?en=pre_d_eng_tb&tos=4752&scd=34&ssd=1&est=1635027015271&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1635027020024&vi=1635027015257&ri=73b8235d459c3eb08e0bf1d33725c9b3&ref=null&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Fall-news.co%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1400286/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://all-news.co
pragma: no-cache
date: Sat, 23 Oct 2021 22:10:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw

Verdicts & Comments Add Verdict or Comment

215 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.all-news.co/	1970-01-20 15:41:39	Name: _ga Value: GA1.2.1304940241.1635027015
.all-news.co/	1970-01-19 22:11:53	Name: _gid Value: GA1.2.955610095.1635027015
.all-news.co/	1970-01-19 22:10:27	Name: _gat Value: 1
.all-news.co/	1970-01-20 07:32:03	Name: __gads Value: ID=d3c2c9eecc32c255-2255c651ffca000e:T=1635027015:RT=1635027015:S=ALNI_MZ6UuAHPdt-54C4CvvFjuzHnefo0g
all-news.co/	1970-01-20 06:56:03	Name: cookielawinfo-checkbox-necessary Value: yes
all-news.co/	1970-01-20 06:56:03	Name: cookielawinfo-checkbox-non-necessary Value: yes
.doubleclick.net/	1970-01-20 07:32:03	Name: IDE Value: AHWqTUlf7DybTnCVFjSGFkqV8oXd3F2aRramtHuBocq0TSLVljAy3k8IS5RFlpWrptY
.mathtag.com/	1970-01-20 06:56:03	Name: uuid Value: 3f6d6174-8847-4c01-8e8d-551bd0f603e9
.medialead.de/	1970-01-20 06:56:03	Name: trscj Value: MTYzNTAyNzAxNnxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRNekJoTjJSbU9HUmxaR0UwWVdFMlAzTjFZbWxrUFRnMU9URXdOVEF3TURBd09ETTBOekF3T1RVeE16a3pNREV4TnpVM01ETXdKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2
.awin1.com/	1970-01-19 22:20:31	Name: awpv14098 Value: 296283\|1635027016\|0062a140-344e-11ec-bb42-2234d33d3970
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: il3msxzxdaghl3bugny04mxq
pb.media01.eu/	1970-01-20 15:41:39	Name: DTU Value: ECB5D962E9BE6273906E4B9CDF6F088E
.doubleclick.net/	1970-01-19 22:10:30	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 00:20:03	Name: d Value: EHoBCQHGJIEA
.quantserve.com/	1970-01-20 07:40:41	Name: mc Value: 61748849-856e1-745f0-1fda8
.openx.net/	1970-01-20 06:56:03	Name: i Value: 4eb23e9c-749e-49ed-bdef-cca2dc5b1b55\|1635027017
.casalemedia.com/	1970-01-20 06:56:03	Name: CMID Value: YXSISQFP-e8M0s4i7Pt8VwAA
.casalemedia.com/	1970-01-20 00:20:03	Name: CMPS Value: 5202
.pubmatic.com/	1970-01-19 22:11:53	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 00:20:03	Name: KADUSERCOOKIE Value: 9E0F7D42-30C2-4C37-B1A9-2F08BEA85DA2
.casalemedia.com/	1970-01-20 00:20:03	Name: CMPRO Value: 1199
.casalemedia.com/	1970-01-19 22:11:53	Name: CMST Value: YXSISWF0iEkA
.innovid.com/	1970-01-20 00:20:03	Name: uuid Value: d81c525e-d5fb-4455-86f0-d980f9b8f535-20211023 18:10:18
.awin1.com/	1970-01-19 22:20:31	Name: awpv11938 Value: 412871\|1635027018\|01e60cf1-344e-11ec-b9be-2230dce87953
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.r.niwepa.com/	1970-01-20 06:56:03	Name: tsv Value: kCY!HUkNA8G1iOE!AQ\|CkIw!A!~By8H3x3A*3U
.congstar.de/	1970-01-19 22:20:39	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1635027018_01e60cf1-344e-11ec-b9be-2230dce87953%22%2C%22sp%22%3A%22awin%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=2461821938&adk=1180885167&adf=392215149&pi=t.ma~as.2461821938&w=300&lmt=1635027015&psa=0&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635027015313&bpp=1&bdt=634&idt=111&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2228304315012&frm=20&pv=1&ga_vid=1304940241.1635027015&ga_sid=1635027015&ga_hid=178297855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938%2C31063229%2C31062526&oid=2&pvsid=1784373347073069&pem=581&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=5VlZUD2LYe&p=https%3A//all-news.co&dtd=119 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXSISQFP_e8M0s4i7Pt8VwAABK8AAAIB&google_cver=1&google_push=AYg5qPIqK7YncoT7ZEMgsFbAM5C0HZOeZFtFXqujHxdm7z-9DfKWHjz6IGIShhUE0x-vNhiZK_LrDEkFfiy5HouGGwFK08pwt0-D&google_gid=CAESECWf3zldIXGVM9C2esYDVrw Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-8439024877331049&fa=1&ifi=7&uci=a!7&btvi=2 Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad-server.eu
ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
alerts.trycake.com
all-news.co
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cdn.onesignal.com
cdn.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal900030.redintelligence.net
image6.pubmatic.com
mandiree.com
neso.r.niwepa.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel.mathtag.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
pv.medialead.de
rtb.openx.net
static-de.ad4mat.net
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
trc-events.taboola.com
trc.taboola.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
104.111.239.217
136.243.149.243
138.201.84.245
141.226.228.48
142.250.186.162
145.239.193.130
148.251.139.77
151.101.129.44
167.89.118.83
172.217.18.102
172.217.23.98
18.66.97.126
185.29.132.246
185.64.190.78
199.217.115.48
2.18.233.201
217.182.200.20
2600:1901:0:76b9::
2600:1f14:d24:9302:439e:399b:f2d2:b482
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700:3030::6815:36b
2606:4700::6812:e234
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c1b::9b
35.187.117.15
35.227.252.103
46.236.13.147
54.75.239.54
54.76.176.197
69.173.144.138
88.198.250.30
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0a2bc53c9a4404a1e1a4829550a1377a1d41c9e2cfc77546e27aa039465a7595
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1beca352daf8e54ac5390c88b5c272dd14ba0ef79d4c79659be7b8f20ebfd97d
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a
246fa910979732db326449e26e22e8e4cb869511cd614aa03c9013157abd8e99
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c
282d14ba3c8012b67bef8fac9bd2ac4588302a2729b1c7bdfc5a810779661b54
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2a902e20c0afff7686010501ad87ebb78f46776c768938deedf2ba9c656763ef
2c624e73c4c74da084d7cf042f017acac0a078d9d54426339fb32de26c5a9e31
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3108a595755e4b68a8c9af8465be4462d8d3479043a586bfd3bc18c97c06fe6d
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370
420818e6195feee67d7dd2ac6ea1e329d28e4c4640515aa5e36337cd03d8be7b
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
492a08284858ee3aaaa3623a9aaab2b8bdb252f180ea04f391eda3324a86665b
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
533e9034f5c3b25899810b38192bde26e83cc3b3df67c726daaeedcab9404996
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
53bfb4fef4f5f9ea912e4002f8e0e6dab6ed65a252fb289280fe4f2958cf3398
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf
5aeae3010a8493584f73ab4dc03c204bc61b9b4a5f81d8382e3e2e5872b2f940
5b60c6f39cab7473ad9f7c7099a325a6dfed614a09784eee69890d8b9336cf86
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfee8787bd93db327de296644cc70a1e3de052644ab4faf04124eae9ad8114a
5d83d23c9355213c563f823cc226b1b5c63995f1a8677834ddcac4970ee338c2
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fc676ee87189d1760fae2c6ba1f34663c80039a22eef0143e92d45e20d4c9c1
5fd9b4b10be5a293cbc0f2f89cb21d2072517953a34fb6ac2e7df8d13a966ffe
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
6132b0f6b6a841887bd3c5b0f3e6816f12ed7d42ec69bef4be08ecf69e1694d3
614a0c598ea4387213bafccbbb1c85c305de1198a9eb5f20cee82e41699b68e1
62d02bda5aaec13f346948a2904e477ffd8705ae6d94b775281687b66431b7a7
63927600d6ca7285399240eec99440984e379e31dc587e6127a5c20d77736b77
64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
68c9740e3a31d1ca19b076fd08b704c39e2c8c3a9b88f5bc008e7b4dbbac7e07
69f2ee8d8b0644eb4f8903e31b82e334f001ce4f04bae012b170b19842523df0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7f37f4701545b9d2c855b9ca01b7d98e0a1d4aba5ba12aaf6e66ad8ed2dd2f
71debc40d25ba580fdf19b2a50ab3fac69173b7af6a237821d31801d4477033d
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858
89e75cd169770d55181d7bcae095e5c916c6dbd4d795fc5f3969a939d85bb950
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8b36a3b522b51736a601ae1b1c9bb2e8fa4954092227c06c23cd9b37f0b9b6cc
8bb7d0ec5d90e77802cecd8e3d55139b255a4f40637740ff52d3ec0beb77b69c
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
926f5bf5a62ef629ef55f3be7a1a69cb1b10d2ec31cb5c2c1969fdc5ab3e209e
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
97ee498358f5878714bac2ba543150a52c6df9e5ef69cd503dc578ea213a6b87
985849a53b30f370530ad6589e9b11f7799e1b68ae44b04b16f0d88fcdc40ebd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
9fa19857f112444fab3aee642ca9a2abd06e4b77ba855ca528d1b6f371cd9f5f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a8bc06bf685ff85096bb0343b1e5ebc5915f3fb275c55557c61edaf70a2d7273
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9e38df2b5e9549bc8187f3543a618ce744c651ac5a1b547377ea196116ca60a
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad687ad10fb78382e466a97077e8f7ec9bc2297f6f47c3790ddad4ea1eeee198
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27eaefc28cc00996b82bccd1dfab13e51fa8fa9fa8ae4646285d30757a97269
b33c30209f395d4dcb125a7330d5e1cf513f50d6f8b35003de8c2c883c590dae
b597886e5ac4a0be6c44cee65435b1092041620af4988fa04a8be4564d15218f
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b643faf22943b24fa71a207193d45b039ee76631df779926a125666c229303e3
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd2cff4f59f3e1d3a48593b42d606efaae9a66bad216a1740eb8cc0e71b0bb7d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b
c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c97084c691707388542332abd344dedf75cbfe22436c344b15fbb8ca392b73cf
ca7d028933cdf7658f6524b0d90787282e018d2937aa40c894e7b5509be6cf7a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdaa04bf56580ef8ee2a1592f73141cc5390cf634000a9b97c949a7b3c811542
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d53acd656638fddb513a8c7c82f54b3b0a9a3e06c1fdc9b1a8d2b4642ecf8442
d70b88a7485682319244b123158797d0b988774af0779f5e75481c01e8fb8ca4
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4078f51efbef6111c9adb4b46c84fa2de2aa33c6101aaffe2420628a392d50a
e429a8b491b11fd892c79de131688c7500b099f0e5f185fa6127a7089aa66659
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
ec7c35e0ec4c08cbee8063ed57a1bbbd07bfc907bb7084a2a24703349e8c8840
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f1bfac432c86a377728a8d56d363b2546dc10ff446f98eacc6c2fa465ae442f9
faded22a4d79b933c41a64e0e15d3322f80c33f098a8171fd8e25d3201a8349c
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

all-news.co Open in urlscan Pro 2606:4700:3030::6815:36b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

172 Requests

99 %HTTPS

43 %IPv6

32 Domains

48 Subdomains

36 IPs

9 Countries

2954 kBTransfer

6360 kBSize

27 Cookies

4 Outgoing links

Page URL History

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

all-news.co Open in urlscan Pro
2606:4700:3030::6815:36b Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

99 %
HTTPS

43 %
IPv6

32
Domains

48
Subdomains

36
IPs

9
Countries

2954 kB
Transfer

6360 kB
Size

27
Cookies

172 HTTP transactions
5 data transactions