all-news.co Open in urlscan Pro
5.189.131.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u6387641.ct.sendgrid.net/ls/click?upn=VazvqnVl7P0u1vHscyPcgoyTqdXD1fW-2FzLT3391qosMEA7aognnaoY5RHHjbg1iY31uuCO7jLScx6UxSN...
Effective URL:
https://all-news.co/
Submission: On April 23 via api (April 23rd 2023, 4:39:17 pm UTC) from BE — Scanned from DE

Summary HTTP 228 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 40 IPs in 8 countries across 40 domains to perform 228 HTTP transactions. The main IP is 5.189.131.58, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is all-news.co.
TLS certificate: Issued by R3 on February 26th 2023. Valid for: 3 months.

This is the only time all-news.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.122 167.89.123.122	11377 (SENDGRID) (SENDGRID)
1 1	167.235.79.212 167.235.79.212	24940 (HETZNER-AS) (HETZNER-AS)
1 35	5.189.131.58 5.189.131.58	51167 (CONTABO) (CONTABO)
5	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.94.19 143.204.94.19	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	52.94.230.46 52.94.230.46	16509 (AMAZON-02) (AMAZON-02)
2	108.138.17.219 108.138.17.219	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:1c00:1d:d7f6:39d2:2dc1	16509 (AMAZON-02) (AMAZON-02)
1	52.94.233.131 52.94.233.131	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
16	2404:6800:400... 2404:6800:400a:80a::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
4 25	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
5 5	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2	64.158.223.140 64.158.223.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	3.120.53.183 3.120.53.183	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:5c69:ba98:7fb3:79a9	16509 (AMAZON-02) (AMAZON-02)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.210.125.176 23.210.125.176	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.132.51.149 18.132.51.149	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2 2	18.198.72.223 18.198.72.223	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	52.56.54.153 52.56.54.153	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	173.194.76.156 173.194.76.156	15169 (GOOGLE) (GOOGLE)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
3 3	3.68.255.194 3.68.255.194	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.20.101 52.17.20.101	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:6::9	15169 (GOOGLE) (GOOGLE)
228	40

1 167.89.123.122 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net

u6387641.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.79.212 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.212.79.235.167.clients.your-server.de

bilbor.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 5.189.131.58 (Nuremberg, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: vmi481268.contaboserver.net

all-news.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-19.fra50.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.230.46 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.17.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-219.fra56.r.cloudfront.net

wms-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:1c00:1d:d7f6:39d2:2dc1 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.233.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

fls-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:400a:80a::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.186.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.239 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.217.42 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.158.223.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.53.183 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-53-183.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:5c69:ba98:7fb3:79a9 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.125.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-125-176.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.51.149 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-51-149.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.72.223 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-72-223.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.56.54.153 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-54-153.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.68.255.194 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-255-194.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.20.101 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-20-101.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:6::9 (Ireland)

ASN15169 (GOOGLE, US)

r4---sn-5hne6nsr.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 bid.g.doubleclick.net — Cisco Umbrella Rank: 986	352 KB
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	704 KB
35	all-news.co 1 redirects all-news.co	4 MB
30	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	245 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 23943 ad4m.at — Cisco Umbrella Rank: 9478 assets.ad4m.at — Cisco Umbrella Rank: 31150	547 KB
11	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119 imasdk.googleapis.com — Cisco Umbrella Rank: 520	138 KB
5	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 908	3 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	243 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 5261	1 KB
5	amazon-adsystem.com z-na.amazon-adsystem.com — Cisco Umbrella Rank: 10862 ws-na.amazon-adsystem.com — Cisco Umbrella Rank: 21397 wms-na.amazon-adsystem.com — Cisco Umbrella Rank: 32748 fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 9784	15 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1703	920 B
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1341 r.turn.com — Cisco Umbrella Rank: 4617	2 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1407 r4---sn-5hne6nsr.c.2mdn.net — Cisco Umbrella Rank: 887816	2 MB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 15646 api.webgains.io — Cisco Umbrella Rank: 40158	31 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1037	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679	2 KB
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 5438	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1332	2 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 15474	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 4805	207 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 451	529 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 1223	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 77547 static-de.ad4mat.net — Cisco Umbrella Rank: 111741	4 KB
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1886	351 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 985	187 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2062	586 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1063	464 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 43265	15 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 21883	2 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1124	339 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 1006	739 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 744	877 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 447	460 B
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 419	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	603 B
1	bilbor.live 1 redirects bilbor.live	292 B
1	sendgrid.net 1 redirects u6387641.ct.sendgrid.net	270 B
228	40

	Domain	Requested by
35	all-news.co	1 redirects all-news.co
28	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com imasdk.googleapis.com
25	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net all-news.co
21	pagead2.googlesyndication.com	all-news.co pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net all-news.co
16	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com imasdk.googleapis.com
9	fonts.gstatic.com	fonts.googleapis.com
6	assets.ad4m.at	as.ad4m.at
6	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
6	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	c1.adform.net	5 redirects
5	www.googletagservices.com	googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	adservice.google.com	pagead2.googlesyndication.com
5	adservice.google.de	pagead2.googlesyndication.com
5	fonts.googleapis.com	all-news.co googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	x.bidswitch.net	3 redirects
3	image6.pubmatic.com	3 redirects
2	r4---sn-5hne6nsr.c.2mdn.net
2	ssum-sec.casalemedia.com	2 redirects
2	ads.avct.cloud	2 redirects
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	pm.w55c.net	2 redirects
2	www.awin1.com	as.ad4m.at
2	pr-bh.ybp.yahoo.com	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	match.adsrvr.org	googleads.g.doubleclick.net
2	um.simpli.fi	2 redirects
2	r.turn.com	all-news.co googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	wms-na.amazon-adsystem.com	ws-na.amazon-adsystem.com
1	gcdn.2mdn.net	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	onetag-sys.com	1 redirects
1	d.agkn.com	1 redirects
1	sync.mathtag.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	prod-rtb.ad4mat.net	all-news.co
1	fls-na.amazon-adsystem.com	ws-na.amazon-adsystem.com
1	m.media-amazon.com	ws-na.amazon-adsystem.com
1	ws-na.amazon-adsystem.com	all-news.co
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	z-na.amazon-adsystem.com	all-news.co
1	bilbor.live	1 redirects
1	u6387641.ct.sendgrid.net	1 redirects
228	57

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
all-news.co R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
z-na.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-18` - `2024-02-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
ws-na.assoc-amazon.com Amazon RSA 2048 M01	`2023-03-16` - `2024-01-21`	10 months	crt.sh
wms-na.assoc-amazon.com Amazon	`2022-08-21` - `2023-07-25`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-10-26` - `2023-10-14`	a year	crt.sh
fls-na.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-04-11` - `2023-06-20`	2 months	crt.sh

This page contains 27 frames:

Primary Page: https://all-news.co/
Frame ID: 8F9089C554C95B15BC53CC661182786D
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: 394C39BF9B097399421962540F857C9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1682267949&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267949673&bpp=5&bdt=189&idt=174&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1601235763377&rume=1&frm=20&pv=2&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=980315297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=192
Frame ID: 3EFCA21C31B31A873EA9FD5F971EF234
Requests: 1 HTTP requests in this frame

Frame: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Frame ID: F5B479E6862127A53C08CC484611B642
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950146&bpp=20&bdt=661&idt=20&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0&nras=1&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=980315297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sGWMz5GpNb&p=https%3A//all-news.co&dtd=26
Frame ID: 69EC441326D0ED1110B3B97E760D91AF
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=3190200712&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280&nras=2&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=lJmYbRZbyP&p=https%3A//all-news.co&dtd=24
Frame ID: FC558507FCE74BBDAA4F0C9E4BEE9457
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3063935215&adf=3512139489&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1248&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250&nras=3&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lCtNntHLBC&p=https%3A//all-news.co&dtd=50
Frame ID: E492922D5F65DC70C0D64E0D3898FC81
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=739071646&adf=2912998144&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280&nras=4&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3399&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=wYM4xEUUtT&p=https%3A//all-news.co&dtd=53
Frame ID: BC8910A3A48E3DCE18361D5C5D905AED
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: ED04C349A523E690BEC189B6D02E830A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AD720A6F78DFE73E1AE72036732E5B93
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js
Frame ID: 5796D039BEE41B6888C138BEB4553D48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 37B0ACA8A06BCCCFF573D637E87AC80A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C1aZVLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS2AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwRab8Ked7oKo4h2ISHUy9RcGMX-Ro85Ouf5Az9XxYoih9U2Lc_GN8gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=v-AYUIQ0EOo&uach_m=[UACH]&cid=CAQSPABygQiDoUF2i2UkeAuzN8CoJbBARYdS934jCD3Fwm3qDXVJnQx0ELVLv2yjLoqBPgMh_NolkCxDMX3wZxgB
Frame ID: C0B9DB9EF69A3B030D52E2ACDACA22F0
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k8eyd1353g68cbvwtwapvkyhznkpxkzx72ray9djt5stp5h6e8m7f218q6j2a07k4h032erbrgzxkd5k6xszck0qnec1pyp0aze4k35c9dczyxjzct1p21ygbzkfb4ct3k5pmrsc8596wdqkbp14psqq44tbsq89qwxas03d42rm61zzhk8hwnq629e3qecfn53515h1raj670tjwyvday7nmkcwe9eaxtxr6c2efe5f418gpvd3vefdt6h971v604dmv04a95j5cs4v2h80423cxpgmcfhejr60nd6veymvv52p4q7zhjbgx917yrj5r2p6pwyygjdjc4h2j8h11hpktqq8e6bqn74f4rsn2as1pqpgj312xhk6h4m804040w1m8ce8zgsx248xxqpb8e36beahqh887x4jx6vqdwbjnsr6mkv2y6892bwn53sbct64zfnfjz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%26client%3Dca-pub-8439024877331049%26adurl%3D
Frame ID: A5CEE541A4CF58AEB7B716C7678F6680
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0071DD45E113AC9BD8EC4682CD5CAE49
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js
Frame ID: A462C02BB16F4938C2E7FD82CDA4AC42
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0400823D552A2B93654229F95D15363D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js
Frame ID: FBD4D85B92770D9BDA5B6DA6ABDA4FFD
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1DB45E965A5136F5D35A3B43866F14DA
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Frame ID: 425D72265015797433DDCAC9C394A64E
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 11B560486C379708AA7B1AB684F571B5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=1240227622&pi=t.ma~as.1203090826&w=300&lmt=1682267952&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267952159&bpp=1&bdt=2675&idt=2&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280%2C1200x280%2C1005x124&nras=5&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&psts=AHQMDFdAtfEGjFWkhhvLti82c0_wqH2argVzjdnWtXgqkd7RAfhxSfqyYbwqI_6nC02LtFpwMlwbrUVPgXC3K7UMp-DdZeCm3a3vvsVREoaqBoX_mN5ATQ%2CAHQMDFeklGvliAIAiq0SHwCdGWy7f-V98axxYmH5FfAzTJDZYzEB1cTnoPlo8ze7jXq7trbRWE6t_oQaO94dUoksmzII7dES%2CAHQMDFdQdKH-533GTRofnvam-KQwe0_dKlzxfwr-zKjhWr1rj4Xkor8Rh0t31yRT-E8ZU2cKGQCbv43JumRglW5c5YNzNFBf%2CAHQMDFd5M8uq5Lsl18DVdl8p6OZUHaQMbB5kclQ80Qtp3kiRYEcZ2JFq-OhYPc6FJ-HhT_bGk-df_UVp3n4dtN8PfbSE4agg&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=xP7c3NNoHI&p=https%3A//all-news.co&dtd=6
Frame ID: 12112758F312C1374DAFA6386C2D32B7
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js
Frame ID: 1F63C87F4827A9AF17E550367C311789
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 732C3E28F38ADDC7CE10C66D839CA8E8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 88FD81C4BE600B3B39382816355488BA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EE567C419940A46E48924F583459326C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D47B1B8BC9696088D757F77FD4E83D5F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

All-News

Page URL History Show full URLs

https://u6387641.ct.sendgrid.net/ls/click?upn=VazvqnVl7P0u1vHscyPcgoyTqdXD1fW-2FzLT3391qosMEA7aognnaoY5RHHjbg... HTTP 302
http://bilbor.live/?Z289MSZzMT0xNjIzNzYyJnMyPTE4NDM4MDE3MSZzMz1CRQ== HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

228
Requests

90 %
HTTPS

42 %
IPv6

40
Domains

57
Subdomains

40
IPs

8
Countries

8122 kB
Transfer

10825 kB
Size

30
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/
Title: Like

Search URL Search Domain Scan URL

URL: https://twitter.com/
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/
Title: Subscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u6387641.ct.sendgrid.net/ls/click?upn=VazvqnVl7P0u1vHscyPcgoyTqdXD1fW-2FzLT3391qosMEA7aognnaoY5RHHjbg1iY31uuCO7jLScx6UxSNotxm9GrLcyhzNkzCSdO-2BnwNH7U-3DQ_rr_Df0Lc06qysIgHsGk0xVMahPhy5I406Nc9jHY204yKhr1v3AAhY6J5S99rkPzQhXClTazQrgHHWUY2NEsWhCesjyt6XB99TaCOh31XF6Z7AL5PTa7jCfvhTillq-2Fyo-2BSGYVyAbNPkvAqog8jsP6KfQw-2BwzBobRuEuM6QFgz-2B3j9j-2BeSfsn3DgM0-2B2jnnAGLq1Hz0E4-2BG2y2rEHluInvvaqt1hTWeL3VlaCBs0aBBLLnc-3D HTTP 302
http://bilbor.live/?Z289MSZzMT0xNjIzNzYyJnMyPTE4NDM4MDE3MSZzMz1CRQ== HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 77

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 100

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFiRdBvpd3RLWE1pbHx2rqw&google_cver=1&google_push=ATf1kGPPUBkq8l64JInqJJmAtU2uk2qHBn1oeQrU1UCCpBmcTkwn4U0Zbjv6NYk1-0cGh4PdM-5DAa4p2cV1wrIEwJ1b_eIOmm9oAHo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ5OTIyOTE2NjM3MTYzMjQzMA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM9Pqbe_-UyG8cesyn8P3XM&google_cver=1

Request Chain 101

https://um.simpli.fi/gp_match?google_gid=CAESEC3iM_xRgK7l9iz2ztYqeZQ&google_cver=1&google_push=ATf1kGNh9N01P7nfRXZZbkiSfhoNMAf0zPPhhTnxWW9lNGYA_Hblp2hKz6eaCky24GmsZ4M6e9erpeDpkKeIOwWF2To9q30bCr0-js4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C7E4258CA81246948C1B678B3E9A4764&google_push=ATf1kGNh9N01P7nfRXZZbkiSfhoNMAf0zPPhhTnxWW9lNGYA_Hblp2hKz6eaCky24GmsZ4M6e9erpeDpkKeIOwWF2To9q30bCr0-js4

Request Chain 103

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB0rTwsvQGDUwZrF0OFlvYY&google_cver=1&google_push=ATf1kGOQeKMbqftyd06fiDwHGaneDMzi5PAarsJSMnJkdcor0slcrBPwnFTGuhpbVx_I9WGLKwRLUt-JJ2AlmUZiaog0WgClUgi3pg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB0rTwsvQGDUwZrF0OFlvYY&google_cver=1&google_push=ATf1kGOQeKMbqftyd06fiDwHGaneDMzi5PAarsJSMnJkdcor0slcrBPwnFTGuhpbVx_I9WGLKwRLUt-JJ2AlmUZiaog0WgClUgi3pg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ4Nzc5MzI0ODc4ODY4NTcxNQ&google_push=ATf1kGOQeKMbqftyd06fiDwHGaneDMzi5PAarsJSMnJkdcor0slcrBPwnFTGuhpbVx_I9WGLKwRLUt-JJ2AlmUZiaog0WgClUgi3pg

Request Chain 104

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB0rTwsvQGDUwZrF0OFlvYY&google_cver=1&google_push=ATf1kGPFexICSQ3uvX8Gt23KS-RFftcjeGW5z35vOV9QXy6MphfJIgSyUgnCJtn60skIwgeZVA4D5-rSteAc4SJftqZR0nqeJBv-ATY HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB0rTwsvQGDUwZrF0OFlvYY&google_cver=1&google_push=ATf1kGPFexICSQ3uvX8Gt23KS-RFftcjeGW5z35vOV9QXy6MphfJIgSyUgnCJtn60skIwgeZVA4D5-rSteAc4SJftqZR0nqeJBv-ATY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcyMjgzODA3OTM0MTA5NzYyMA&google_push=ATf1kGPFexICSQ3uvX8Gt23KS-RFftcjeGW5z35vOV9QXy6MphfJIgSyUgnCJtn60skIwgeZVA4D5-rSteAc4SJftqZR0nqeJBv-ATY

Request Chain 105

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMKAE1uSF5F3E-teK4KKg9k&google_cver=1&google_push=ATf1kGPWdubXAlkXoc1v8wX66lScO6k8_DXb8kzRzWDDKVZDo531L1JJrNdHAWEbGZTKz2vj2y7-ud5zhsYH28FnOJEX8gZn5vyB_eA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdUTVdJU0YtWi0zOTE3&google_push=ATf1kGPWdubXAlkXoc1v8wX66lScO6k8_DXb8kzRzWDDKVZDo531L1JJrNdHAWEbGZTKz2vj2y7-ud5zhsYH28FnOJEX8gZn5vyB_eA

Request Chain 106

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED2j_CtUZNYVrf_7E68FzTo&google_cver=1&google_push=ATf1kGNkJL5Rqo_o64T0JrrZHqgyVSRqrYbr988P_k_sMa826BYBkNoqs6dq7HnEofdgcDX3mwDPHnKz8iwqOy_rsI3fluBhPQN_US20 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGNkJL5Rqo_o64T0JrrZHqgyVSRqrYbr988P_k_sMa826BYBkNoqs6dq7HnEofdgcDX3mwDPHnKz8iwqOy_rsI3fluBhPQN_US20 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 116

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOx3P2j1elv2jldXmhRKgX4&google_cver=1&google_push=Aer7DvKuByPd4B3oUzLM6Y-CqOlr1vbS7GvG-mKJg0SdBlN-exfEQ1sesHYeyzjf5UQRBBOG910iCEU0TVV6opIyjylg7v5kDXhO-qdS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKuByPd4B3oUzLM6Y-CqOlr1vbS7GvG-mKJg0SdBlN-exfEQ1sesHYeyzjf5UQRBBOG910iCEU0TVV6opIyjylg7v5kDXhO-qdS

Request Chain 118

https://d.agkn.com/pixel/2175/?google_gid=CAESEMWJTXKOYEPOUZPcjB3tjFE&google_cver=1&google_push=Aer7DvItj5pRQTM_1D7KIJ774azXH0og8OsIZXze_Wr6E2KOcCGerwj2eaJd-55ETpdLkxOgzoXv6bonPNnLpB1wVL9i_5a5041CGRiq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aer7DvItj5pRQTM_1D7KIJ774azXH0og8OsIZXze_Wr6E2KOcCGerwj2eaJd-55ETpdLkxOgzoXv6bonPNnLpB1wVL9i_5a5041CGRiq&google_hm=Q0FFU0VNV0pUWEtPWUVQT1VaUGNqQjN0akZF

Request Chain 119

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEACi3GRvJh2rkmbI0GKvx-U&google_cver=1&google_push=Aer7DvIvfnYOdlUX6a_xgXp-0_Z0DiVRhIm8yHfqn90LpbztHyrM8zIH918glbQt6QrkvkP7ZvffaJN5w072n7NEIc8u8GOrj0sx06Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIvfnYOdlUX6a_xgXp-0_Z0DiVRhIm8yHfqn90LpbztHyrM8zIH918glbQt6QrkvkP7ZvffaJN5w072n7NEIc8u8GOrj0sx06Q&google_hm=eS0zOHZzZjBSRTJwR0xyci5HV1JIcmw0NXFPbHI4WFVUeX5B

Request Chain 120

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFmCs69P4EBoc8selHsE5j0&google_cver=1&google_push=Aer7DvJkqvuRwpwVUauOoYujErjSXjsShQyPsesMSQrnvefT_9G6MK7PnQh3qP5WFzT3v1MCZcL921yPIXJCvGwgnpCJgMPcELTPLqwl HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFmCs69P4EBoc8selHsE5j0&google_cver=1&google_push=Aer7DvJkqvuRwpwVUauOoYujErjSXjsShQyPsesMSQrnvefT_9G6MK7PnQh3qP5WFzT3v1MCZcL921yPIXJCvGwgnpCJgMPcELTPLqwl&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RMWK5KyhThCnVNbWWp8YbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJkqvuRwpwVUauOoYujErjSXjsShQyPsesMSQrnvefT_9G6MK7PnQh3qP5WFzT3v1MCZcL921yPIXJCvGwgnpCJgMPcELTPLqwl

Request Chain 121

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPW7mavw8Qo5DAlSCCw9sOI&google_cver=1&google_push=Aer7DvLXWTCipWm08eMRP7Re6fGUOFxSeu19niujJEHdeKWC1Chjog6NfRIWEKQO0IqiI_UvYLmjeCrkBmiEPCfz-rkknsA58Ag52nY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLXWTCipWm08eMRP7Re6fGUOFxSeu19niujJEHdeKWC1Chjog6NfRIWEKQO0IqiI_UvYLmjeCrkBmiEPCfz-rkknsA58Ag52nY

Request Chain 161

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBpo84SicywAzj50anbSFIQ&google_cver=1&google_push=ATf1kGOC06iCT5d-LwUmwcW4lU5KPTbEIF1_IweTxowhMx2NONLaQcyOiy-daJNGht4loDezfHEF2xGqF6ULQxbelUi2xYrMcsMM HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBpo84SicywAzj50anbSFIQ&google_cver=1&google_push=ATf1kGOC06iCT5d-LwUmwcW4lU5KPTbEIF1_IweTxowhMx2NONLaQcyOiy-daJNGht4loDezfHEF2xGqF6ULQxbelUi2xYrMcsMM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NEhrTm9ZdHExUFFDSzQ1&google_gid=CAESEBpo84SicywAzj50anbSFIQ&google_cver=1&google_push=ATf1kGOC06iCT5d-LwUmwcW4lU5KPTbEIF1_IweTxowhMx2NONLaQcyOiy-daJNGht4loDezfHEF2xGqF6ULQxbelUi2xYrMcsMM

Request Chain 162

https://um.simpli.fi/gp_match?google_gid=CAESEO68Q06YmVvpmJp1Ev9effU&google_cver=1&google_push=ATf1kGMkG3S1i4O0_eooT_vTqasf6yuCWDOb-YEmF07MVxu4EqPj53Qc1ua6S_N7PtbQRjg5wdoyRo6t2N6cyUcglmw_N2DueGnzJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C7E4258CA81246948C1B678B3E9A4764&google_push=ATf1kGMkG3S1i4O0_eooT_vTqasf6yuCWDOb-YEmF07MVxu4EqPj53Qc1ua6S_N7PtbQRjg5wdoyRo6t2N6cyUcglmw_N2DueGnzJA

Request Chain 163

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFWlErA0RcaNUUkZnHV2WBY&google_cver=1&google_push=ATf1kGMCtuSroYbfc7K4h_MAQ3dScWrTEBbCKwIL2cOVFV1tOkVid0sNK8-Bir_0P52ZMuDQqqEJaJd58BsaUOvQ1qkHErC5JB1aXA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNTI4NTgzNjk1MzQ4MzQwNA%3D%3D&google_push=ATf1kGMCtuSroYbfc7K4h_MAQ3dScWrTEBbCKwIL2cOVFV1tOkVid0sNK8-Bir_0P52ZMuDQqqEJaJd58BsaUOvQ1qkHErC5JB1aXA

Request Chain 164

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJRkgP6FB7Jl3gYB8ryjW8w&google_cver=1&google_push=ATf1kGPdfs8JOGwu9XloehEEq9m5_YxLdz7b7TYaJRJwrjrhq2_DAXmwd_A5FB6g_iqH95Gh4drJQL2Qf-ZcGpR-l8gv-Dr2w3kM9A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ4Nzc5MzI0ODc4ODY4NTcxNQ&google_push=ATf1kGPdfs8JOGwu9XloehEEq9m5_YxLdz7b7TYaJRJwrjrhq2_DAXmwd_A5FB6g_iqH95Gh4drJQL2Qf-ZcGpR-l8gv-Dr2w3kM9A

Request Chain 165

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEONtKM26iLciJFdHHsaLjK4&google_cver=1&google_push=ATf1kGMA5FEcUzg9vDqR4yPatdXO0EM0lqNxOZeKrHUrolJ8HoLOt61lV61_Nya2GY49Zz54vnF1k_5xW-XM0cjYix6rq_xyeDYuCQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RMWK5KyhThCnVNbWWp8YbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMA5FEcUzg9vDqR4yPatdXO0EM0lqNxOZeKrHUrolJ8HoLOt61lV61_Nya2GY49Zz54vnF1k_5xW-XM0cjYix6rq_xyeDYuCQ

Request Chain 219

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH1nUyxf5TcCFqn7Z46BYjg&google_cver=1&google_push=Aer7DvLvZ9jTmstHBDBbjFqcXh7nyiN1xdrCzK9JxvvMeesU5VpLNH00SMpw4Z7eo13xeV5CmEKiC65XjIS-TlfEfs7DcuJJ6eRDJF0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ5OTIyOTE2NjM3MTYzMjQzMA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH1nUyxf5TcCFqn7Z46BYjg&google_cver=1

Request Chain 221

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECNb6r2VN9EZteFbaMlLGMQ&google_cver=1&google_push=Aer7DvL_K50xFV9dPOnZezwjP-yogi-NghyB0BYmlhikfGfIlp7mnLin09TKmV9HLI6gXxHThyDdKz-EkW0Zo2gFOEZNHkxRcSP4Jg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECNb6r2VN9EZteFbaMlLGMQ&google_cver=1&google_push=Aer7DvL_K50xFV9dPOnZezwjP-yogi-NghyB0BYmlhikfGfIlp7mnLin09TKmV9HLI6gXxHThyDdKz-EkW0Zo2gFOEZNHkxRcSP4Jg HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=4712cdbf-04e6-4dbc-9def-b1b9a85e17d9&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvL_K50xFV9dPOnZezwjP-yogi-NghyB0BYmlhikfGfIlp7mnLin09TKmV9HLI6gXxHThyDdKz-EkW0Zo2gFOEZNHkxRcSP4Jg&google_hm=NjaNh6z6R5CzWSFv7NVyyw==

Request Chain 222

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP6AHtHRTF2rlqUm6sSuniw&google_cver=1&google_push=Aer7DvJCqGA9eqpGzSnkZNhF9Du3Z2Lacyuvl6LwRdICAzF4EdLF3_JepnAIvE-NKj-w7HDqOHJgbXm6uV1kFbY0n_NrbwhSwQfYc3s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJCqGA9eqpGzSnkZNhF9Du3Z2Lacyuvl6LwRdICAzF4EdLF3_JepnAIvE-NKj-w7HDqOHJgbXm6uV1kFbY0n_NrbwhSwQfYc3s&google_hm=eS0zOHZzZjBSRTJwR0xyci5HV1JIcmw0NXFPbHI4WFVUeX5B

Request Chain 224

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEECuSOHxrbMzO0qkdIVd50&google_cver=1&google_push=Aer7DvKGCkuEyOJAFYrvUuPO-_tgCRbCzITUaRahb7atGWB0L7cx4cHGapyUHj3cRARYtiuewjBoqfB6XyneX1Wd0Hx6Cl2TQ2MkZQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEECuSOHxrbMzO0qkdIVd50&google_push=Aer7DvKGCkuEyOJAFYrvUuPO-_tgCRbCzITUaRahb7atGWB0L7cx4cHGapyUHj3cRARYtiuewjBoqfB6XyneX1Wd0Hx6Cl2TQ2MkZQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEECuSOHxrbMzO0qkdIVd50&google_hm=ZEVfMTq17y52cGYP0uAP9gAACJQAAAIB&google_nid=index&google_push=Aer7DvKGCkuEyOJAFYrvUuPO-_tgCRbCzITUaRahb7atGWB0L7cx4cHGapyUHj3cRARYtiuewjBoqfB6XyneX1Wd0Hx6Cl2TQ2MkZQ

Request Chain 225

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB61Srk4TYWj5w53qCwRnng&google_cver=1&google_push=Aer7DvJK3zqpxtijJmN8Et0iiKbzR9hYxHNPRl-e8G0jxHooyVA6a1jmiIx8jwZSjDKXlqu7PMJMgap66K_QmAwWNFpf8gGCiBEr1Ccq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvJK3zqpxtijJmN8Et0iiKbzR9hYxHNPRl-e8G0jxHooyVA6a1jmiIx8jwZSjDKXlqu7PMJMgap66K_QmAwWNFpf8gGCiBEr1Ccq HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 231

https://gcdn.2mdn.net/videoplayback/id/1ce25ce44efce31c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713803953/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/BB291DD104AE9864DC43430868ABE6DAFE22FEC2.56B9899AC6BE55BC46250B60A2541F13E2734C1D/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-5hne6nsr.c.2mdn.net/videoplayback/id/1ce25ce44efce31c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713803953/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6ADD2C972384C6579BAD94EB4C5E18CC924EA99C.0C69C342800E459309F173924997BA721CA00372/key/cms1/cms_redirect/yes/mh/55/mip/2001:ac8:20:3c00:1011:8bd9:4c8e:e9e1/mm/42/mn/sn-5hne6nsr/ms/onc/mt/1682267560/mv/m/mvi/4/pl/49/file/file.mp4

228 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
all-news.co/
Redirect Chain

https://u6387641.ct.sendgrid.net/ls/click?upn=VazvqnVl7P0u1vHscyPcgoyTqdXD1fW-2FzLT3391qosMEA7aognnaoY5RHHjbg1iY31uuCO7jLScx6UxSNotxm9GrLcyhzNkzCSdO-2BnwNH7U-3DQ_rr_Df0Lc06qysIgHsGk0xVMahPhy5I406Nc...
http://bilbor.live/?Z289MSZzMT0xNjIzNzYyJnMyPTE4NDM4MDE3MSZzMz1CRQ==
http://all-news.co/
https://all-news.co/

622 KB
622 KB

572ms
525ms

Document
text/html

5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 / PHP/8.0.27
Resource Hash: 7c618f6ea860f52ba757f6f43ecea4fdb9d684bd0d543ef24e8c72dc227375ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 23 Apr 2023 16:39:08 GMT
Keep-Alive: timeout=5, max=100
Link: <https://all-news.co/wp-json/>; rel="https://api.w.org/" <https://all-news.co/wp-json/wp/v2/pages/957>; rel="alternate"; type="application/json" <https://all-news.co/>; rel=shortlink
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
Transfer-Encoding: chunked
X-Powered-By: PHP/8.0.27

Redirect headers

Connection: Keep-Alive
Content-Length: 228
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 23 Apr 2023 16:39:08 GMT
Keep-Alive: timeout=5, max=100
Location: https://all-news.co/
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27

GET
H/1.1 200
OK style.min.css
all-news.co/wp-includes/css/dist/block-library/ 95 KB
96 KB 38ms
13ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/css/dist/block-library/style.min.css?ver=6.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:09 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "17ced-5f8177dd6e752"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 97517

GET
H/1.1 200
OK classic-themes.min.css
all-news.co/wp-includes/css/ 291 B
605 B 37ms
12ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:09 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "123-5f8177dd6b872"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 291

GET
H/1.1 200
OK style.css
all-news.co/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
37 KB 38ms
13ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:09 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "92ec-5f71c1544542e"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37612

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4fb8dcb743bfbe4d782eeebc1fed296e261864b549b967b9b683055ef21fdc8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Apr 2023 16:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Apr 2023 16:33:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Apr 2023 16:39:09 GMT

GET
H/1.1 200
OK style.css
all-news.co/wp-content/themes/Newspaper/ 149 KB
150 KB 38ms
12ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 1370903a1e242d482364b08f180e6add61f2f2b4abae8cfb0de855b56017cfb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:09 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2557c-5f71c14ef049f"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 152956

GET
H/1.1 200
OK td_legacy_main.css
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 161 KB
161 KB 38ms
12ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 5dda8db38026fc522c7c017ba17bbf533be39a00cea07cbc1086f1537dce7272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:09 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2828e-5f71c154f25ad"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 164494

GET
H/1.1 200
OK tdb_main.css
all-news.co/wp-content/plugins/td-cloud-library/assets/css/ 34 KB
34 KB 51ms
12ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:09 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "882f-5f71c15bec76d"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 34863

GET
H/1.1 200
OK jquery.min.js Show response
all-news.co/wp-includes/js/jquery/ 88 KB
88 KB 63ms
12ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:09 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "15ed7-5f8177dd72da2"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 89815

GET
H/1.1 200
OK jquery-migrate.min.js Show response
all-news.co/wp-includes/js/jquery/ 13 KB
13 KB 76ms
12ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:09 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "3470-5f8177dd71e02"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 13424

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 77ms
57ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f237a71ab25a3d8a77866369ec3324dfdc4aa2c6872cac6fce52836e76bd61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47474
x-xss-protection: 0
server: cafe
etag: 8761146912404604460
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 16:39:09 GMT

GET
H/1.1 200
OK ALLNEWS-logo-final-1.png
all-news.co/wp-content/uploads/2022/12/ 107 KB
108 KB 13ms
12ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/12/ALLNEWS-logo-final-1.png
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:09 GMT
Last-Modified: Fri, 30 Dec 2022 18:13:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1ada4-5f10f8fb79eed"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 109988

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
all-news.co/wp-includes/js/ 18 KB
19 KB 13ms
13ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:09 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "4904-5f8177dd7124a"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 18692

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 24 KB
8 KB 50ms
7ms Script
application/javascript 143.204.94.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-19.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 14334adb9eeee023957e2b917ea419a3b333836e1828a0de5318dac4a190cfa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: Public
date: Sun, 23 Apr 2023 01:55:17 GMT
content-encoding: gzip
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
age: 53032
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=86400,s-maxage=86400,no-transform
content-length: 7995
x-amz-cf-id: o3zuJMzwkAxjjG0XQjm7RtMTSKjyZu8aPr09E-qH9ekAISzwUvLl-Q==
expires: Mon, 24 Apr 2023 01:55:17 GMT

GET
H/1.1 200
OK mobile-bg.jpg
all-news.co/wp-content/uploads/2023/01/ 43 KB
43 KB 13ms
13ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/01/mobile-bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: f132a3b6e8c8de07e8491ce98f184a952823c139df20446f61a1a9daca060a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:09 GMT
Last-Modified: Tue, 10 Jan 2023 16:25:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "abd5-5f1eb56bff015"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 43989

GET
H/1.1 200
OK newspaper.woff
all-news.co/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 13ms
13ms Font
application/font-woff 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/images/icons/newspaper.woff?221
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Request headers

Referer: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:09 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "82d0-5f71c14ef1057"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33488

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 34ms
12ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:01:02 GMT
x-content-type-options: nosniff
age: 85087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:01:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 225226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 17ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 84894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:04:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:03:36 GMT
x-content-type-options: nosniff
age: 70533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:03:36 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/ 354 KB
119 KB 83ms
67ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8439024877331049&plah=all-news.co&bust=31074065

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49c113b6922ebafb0cd4c2c293907076401af06b505325bb1b97fae20798e03f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121778
x-xss-protection: 0
server: cafe
etag: 15721090981262786302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 16:39:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame 394C 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:33:27 GMT
etag: 2378337311435320485
expires: Sun, 07 May 2023 16:33:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ 55 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8439024877331049&plah=all-news.co&bust=31074065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e9a646e8f05c8c4a8609a8b0160b83a403b7a43fd196ff6e421d843cf6a819f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21439
x-xss-protection: 0
server: cafe
etag: 16442908067332721481
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 16:20:23 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
603 B 37ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=all-news.co&callback=_gfp_s_&client=ca-pub-8439024877331049

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fea5b7ebe66f64901a6a5bf6e30ab538358aa7bf343235d5b69b14d4c1bec5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 55ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 42ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3EFC 137 KB
39 KB 784ms
784ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1682267949&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267949673&bpp=5&bdt=189&idt=174&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1601235763377&rume=1&frm=20&pv=2&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=980315297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=192

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23305ed5fb3a9414e791640284a5e0269c6c0f871dd0d76c0ea628144bc7cd70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40036
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:39:10 GMT
expires: Sun, 23 Apr 2023 16:39:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
200 q Show response
ws-na.amazon-adsystem.com/widgets/ Frame F5B4 14 KB
4 KB 337ms
104ms Document
text/html 52.94.230.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.230.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: be49950bb233dedd525e7fe74d73334cf81440f0ae6834246082253bc427b8fe

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 3396
Content-Type: text/html;charset=UTF-8
Date: Sun, 23 Apr 2023 16:39:10 GMT
Expires: -1
Pragma: no-cache
Server: Server
Vary: User-Agent
charset: UTF-8
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "

GET
H/1.1 200
OK elements.png
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
5 KB 13ms
12ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: b8939a0d5bea5bad9b1dc74928170d320b393615e282545b4e9e1ebcbffc1f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:10 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "10fc-5f71c154f3165"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4348

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6919ae3e012a38d152cf79dc38831759adbbefff3510194628fc6887caaf12c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48024
x-xss-protection: 0
server: cafe
etag: 9062299593895298333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 16:39:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 20ms
19ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 69EC 91 KB
33 KB 979ms
979ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950146&bpp=20&bdt=661&idt=20&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0&nras=1&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=980315297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sGWMz5GpNb&p=https%3A//all-news.co&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

badc2302e66620121869ba6234fe90f8dbc7ac81828104dcf0436da6b70dd933

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33757
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:39:11 GMT
expires: Sun, 23 Apr 2023 16:39:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK underscore.min.js Show response
all-news.co/wp-includes/js/ 18 KB
19 KB 12ms
12ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:10 GMT
Last-Modified: Tue, 27 Sep 2022 15:18:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "4991-5e9aa27ccd240"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18833

GET
H/1.1 200
OK js_posts_autoload.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
6 KB 12ms
12ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:10 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "14e2-5f71c15becb55"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5346

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/ 301 KB
301 KB 13ms
13ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:10 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "4b207-5f71c154f160d"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 307719

GET
H/1.1 200
OK comment-reply.min.js Show response
all-news.co/wp-includes/js/ 3 KB
3 KB 13ms
13ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/comment-reply.min.js?ver=6.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:10 GMT
Last-Modified: Fri, 08 Apr 2022 20:07:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "ba5-5dc2a2438e980"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2981

GET
H/1.1 200
OK js_files_for_front.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 185 KB
185 KB 13ms
13ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:10 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2e345-5f71c15becf3d"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 189253

GET
H/1.1 200
OK footer_bg.jpg
all-news.co/wp-content/uploads/2023/01/ 105 KB
105 KB 13ms
12ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/01/footer_bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: eeced1d8cb05e0490197eca352ff09680161f09b254df3fca1acb8e98593a275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:10 GMT
Last-Modified: Tue, 10 Jan 2023 16:25:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1a481-5f1eb56835892"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 107649

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 12:21:04 GMT
x-content-type-options: nosniff
age: 15486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Apr 2024 12:21:04 GMT

GET
H2 200 a-logo-amazon.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame F5B4 1 KB
2 KB 82ms
6ms Image
image/png 108.138.17.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/a-logo-amazon.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-219.fra56.r.cloudfront.net
Software: Server /
Resource Hash: bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 01:33:35 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1868735
x-cache: Hit from cloudfront
content-length: 1427
last-modified: Thu, 15 Dec 2022 12:11:39 GMT
server: Server
etag: "593-5efdcc15d66ed"
vary: Accept-Encoding
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: _PwEXyu9N6LQDNuuseBg0wvxpRWtkAHIFrldXvn7jsRO1xi7MqPdGw==
expires: Sun, 09 Apr 2023 01:33:35 GMT

GET
H2 200 41-rSOtoD6L._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame F5B4 3 KB
3 KB 85ms
10ms Image
image/jpeg 2600:9000:2491:1c00:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/41-rSOtoD6L._AC_AC_SR98,95_.jpg
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1c00:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 6c711e7939187c82f8ee963b72e8d9bb34338ee60be229dd0417527f57a1e8a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 20:59:46 GMT
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2144364
x-cache: Hit from cloudfront
x-nginx-cache-status: HIT
server-timing: provider;desc="cf"
content-length: 2593
last-modified: Tue, 15 Nov 2022 01:42:51 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 3f8f2ff0-b36d-4a79-8d80-1cde114941a7
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: _uY9wXQEe-S60LZfuxTbey_auYwiZ3F5IP02Aph7rMcHrq1Ml0yEsw==
expires: Tue, 24 Mar 2043 16:24:15 GMT

GET
H/1.1 200
OK json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame F5B4 43 B
200 B 312ms
101ms Image
image/gif 52.94.233.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1682267950491&p=%7B%22program%22%3A%221%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22health0b30-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Fall-news.co%2F%22%7D
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:09 GMT
x-amzn-RequestId: afd7bd92-0f74-4848-a4c6-ed88a23ad75b
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cart.gif
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame F5B4 341 B
713 B 69ms
8ms Image
image/gif 108.138.17.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-219.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 03:23:54 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Thu, 20 Apr 2023 17:08:43 GMT
server: Server
x-amz-cf-pop: FRA56-P7
age: 134116
etag: "155-5f9c797bc625c"
x-cache: Hit from cloudfront
content-type: image/gif
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 341
x-amz-cf-id: 5XgQbNwhXFzrKPmg95h2vrxKie2vfIndCk5O-1hd27lvoxIH-M2V7A==
expires: Sat, 29 Apr 2023 03:23:54 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/ 149 KB
51 KB 96ms
96ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/reactive_library_fy2021.js?bust=31074065

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

633cb9c77e9d47d86a4a4558c51d6ddabba2fd0a5a5efda489cb4f100735a4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51688
x-xss-protection: 0
server: cafe
etag: 17888529086661025347
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 16:39:10 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC55 37 KB
14 KB 486ms
486ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=3190200712&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280&nras=2&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=lJmYbRZbyP&p=https%3A//all-news.co&dtd=24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d55b03b88a11794a36a6aa09d2cf06ddb1d2e949a0eeac253d41562661b4a439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13880
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:39:11 GMT
expires: Sun, 23 Apr 2023 16:39:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E492 107 KB
36 KB 1293ms
1293ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3063935215&adf=3512139489&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1248&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250&nras=3&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lCtNntHLBC&p=https%3A//all-news.co&dtd=50

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41dde242632eed714432d63f99fd78e6520fa938df205d1f0020c2e671b1be9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36991
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:39:12 GMT
expires: Sun, 23 Apr 2023 16:39:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC89 107 KB
36 KB 477ms
477ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=739071646&adf=2912998144&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280&nras=4&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3399&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=wYM4xEUUtT&p=https%3A//all-news.co&dtd=53

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

604828ce569ef83418a1eaa83ce43806a32326fa411264e8a154685102c246bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37163
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:39:11 GMT
expires: Sun, 23 Apr 2023 16:39:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame ED04 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 06:15:50 GMT
etag: 2378337311435320485
expires: Sun, 07 May 2023 06:15:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 8e3adedd6f76ceb5825dd9d6f211c14b.js Show response
www.gstatic.com/mysidia/ Frame ED04 9 KB
4 KB 29ms
9ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8e3adedd6f76ceb5825dd9d6f211c14b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 12:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3832
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 23:51:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 12:21:05 GMT

GET
H2 200 3948120a15a578e7f932062966c168f5.js Show response
www.gstatic.com/mysidia/ Frame ED04 10 KB
4 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3948120a15a578e7f932062966c168f5.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58ec48d4b2f76f2e63e163a7292d6cf6fe8daee7e4e660dce65eacea9ebf8c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4226
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 23:51:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 16:16:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame ED04 9 KB
1017 B 59ms
58ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Apr 2023 16:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Apr 2023 15:57:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Apr 2023 16:39:10 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame ED04 2 KB
846 B 63ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 16:53:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame ED04 21 KB
9 KB 60ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame ED04 3 KB
1 KB 63ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame ED04 19 KB
8 KB 61ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 06:15:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED04 159 KB
49 KB 56ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Apr 2023 16:39:10 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame ED04 32 KB
14 KB 29ms
11ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 12:00:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ED04 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3xt1LV9FZLD_NtOExdwP1cikqAmQi-KKcI__qcyKEajA6uCLDhABIMzT7IIBYJXikIKgB6ABoZXy7QLIAQGpAm9kdFcwbrI-qAMByAPLBKoExAFP0Nasj9fO2QXLxmVgBY0CoM__nP-Juyuy_yj2h_AT3UlqxshzViUmDqTSpejT_cTgkWdDHGHlDjVaKDxpNOBhicjD4sbdbeAekdcBvmXMWOFfE3RjiiaUkkLlXO3BteIAvvgHVWMF4f4tQoQ77EcokCsBZwPMVPzU4cL422THOnAWKO1QK7sqvcsdHymatI-Krub8-o5_wmnjj91t2Iir59LwwWpsfW94t32CHIKL-QPwVMGrDoB_8FWgNSI5Y5LVxL5MwATml8yIqASSBQQIBBgBkgUECAUYBIAHx-qNkgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDmwALSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=_aTubDCuIqw&uach_m=[UACH]&cid=CAQSGwBygQiDHgkJ9PGSSwfwEhwJ27BMNoxLic57TxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 23 Apr 2023 16:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 23 Apr 2023 16:39:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AD72 143 B
166 B 6ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:21:45 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ED04 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea40545ae71209809fd42c76b56385d7482b325afaa4628f0892bff8c50d2b96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AD72
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
28ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:39:11 GMT
expires: Sun, 23 Apr 2023 16:39:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:39:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response
pagead2.googlesyndication.com/bg/ Frame 5796 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14219
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 16:33:30 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame ED04 62 KB
23 KB 46ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81fac6325b1f2079b58fe2257f06a8556902b77a50046b01c811aaf30655fac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1884
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23600
x-xss-protection: 0
server: cafe
etag: 5417508281733954414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 17:07:47 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame ED04 0
45 B 832ms
286ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lgtmwikf&chm=1&ctx=2&gqid=LV9FZOSeNoqRywXoqoywBA&qqid=CPDJyLy4wP4CFVNCkQUdVSQJlQ&met.4=fb.2c~lb.4k~ol.5y~bdt.-115~bpp.-vr~idt.-r2~dtd.-qk~dt.-vw&met.3=200.28_6~555.4n~556.4n_2~733.4s~748.5b~742.4s_n~738.5y~749.5y_3~736.63_1~735.65_1~113.7v_4~112.7u_6&met.1=1.lgtmwicl~6.1~7.1~8.1~9.1~10.1~12.1~13.8~14.8~15.1x~16.4k~17.4k~18.4k~19.5s~20.5s~21.61~22.4o~23.4o&met.7=CAwQCBgBMAg42QFoAXAHePElgAHFI4gBuVGwAQG4AQM~CBsQBxgBIFQoVDByOB8~CBsQBxgBIFQoVDB3OCM~CBIQBxgBIFYoVjCSATg8aFdwkQF4qQmAAf0GiAHHRaoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBIFYoVjCVATg_aIsBcJQBeI4IgAHiBYgBkQywAQG4AQM~CAkQChgBIFYoVjCTATg9QFdIa1BrWIkBYHhoiwFwkgF4g0WAAddCiAHtqgGwAQG4AQM~CB4QChgBIFYoVjCVAThAaIsBcJUBeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIFYoVjCUATg-aIsBcJMBeNRBgAGoP4gB65kBsAEBuAED~CBsQChgBIFYoVjB1OB8~CE0QChgBIFYoVjCWAThAQFdIXVBdWHtgYmh8cI4BeLSGA4ABiIQDiAH99AmwAQG4AQM~CCEQBBgBIJ0BKJ0BMNEBODNongFw0AF4rAKwAQG4AQM~CCgQBRgBIKEBKKEBMKgBOAdoogFwqAF4vQOAAZEBiAGPAbABAbgBAw~CCgQChgBINoBKNoBMI4CODNA2wFI7wFQ7wFYgwJg9AFogwJwiQJ43LoBgAGwuAGIAd_uA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14212964297575644363
tpc.googlesyndication.com/daca_images/simgad/ Frame 69EC 108 KB
109 KB 10ms
9ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14212964297575644363

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950146&bpp=20&bdt=661&idt=20&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0&nras=1&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=980315297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sGWMz5GpNb&p=https%3A//all-news.co&dtd=26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dce36a3b07e5f030b4bca5cff2c9c12edec9c10403f39c5b85052821e6c8b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 05:31:24 GMT
x-content-type-options: nosniff
age: 40067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110900
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 07:20:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 22 Apr 2024 05:31:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 69EC 21 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 69EC 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 69EC 19 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 06:15:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69EC 159 KB
49 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Apr 2023 16:39:11 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 69EC 32 KB
13 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e4e65e7db3c40d4bb9c16f3e85e1e7ed107d564d25c56e3170b38da5460506f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13160
x-xss-protection: 0
server: cafe
etag: 2897017380701680925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 18:58:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 69EC 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs5zKLl9FZMm-DczjywXI6r2ABPryzZhwlc-ak6AR29keEAEgzNPsggFguwagAcj-q6cCyAECqQJFHlPOURqBPqgDAcgDyQSqBMUBT9DaCgT9UNgyC_IB-O7H30m5AEBbyhZM8Gaf5v0DwKgIHbfyi5C1_rNXw4xpmoQ-5zEEC6Ug0qhAVEWGr14wUdfOE6SxX4V5xXtGZpDl-CLYCWoehUFvbkx9ShkqBm4w-rHAzEpSYRbPKajXgKoWxlAFv20BwI-_LdIrJj1lLWAaLE-6ouYKIKCvUWka6z6letPJJNa-iM2nEhdCrb5WG9AUJ5iCXB-cNLnnMMlCzQI8E4pC6FZqycI2Ctmwvh4opdspCvfABOX-3cqiBJIFBAgEGAGSBQQIBRgEoAYCgAeFiqOkAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPbQA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=XP7wrpTJZ7Y&uach_m=[UACH]&cid=CAQSTABygQiDkrA2Xi1OCNPM2IFxxisSIDOIxnRAlEeKWt3mZYaWOxttaoYmuD6HCuHlx4EOTpfY7AetDKBZY6yNN-_D2cbibf6t-6yLOj0YAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950146&bpp=20&bdt=661&idt=20&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0&nras=1&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=980315297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sGWMz5GpNb&p=https%3A//all-news.co&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 23 Apr 2023 16:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 37B0 143 B
166 B 6ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950146&bpp=20&bdt=661&idt=20&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0&nras=1&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=980315297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sGWMz5GpNb&p=https%3A//all-news.co&dtd=26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:21:45 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 69EC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e5961ee3a4ded043cc01b78c75be061dcfc90f3a252a3b0e39ad01dac657f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 37B0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
22ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:39:11 GMT
expires: Sun, 23 Apr 2023 16:39:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:39:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C0B9 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1aZVLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS2AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwRab8Ked7oKo4h2ISHUy9RcGMX-Ro85Ouf5Az9XxYoih9U2Lc_GN8gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=v-AYUIQ0EOo&uach_m=[UACH]&cid=CAQSPABygQiDoUF2i2UkeAuzN8CoJbBARYdS934jCD3Fwm3qDXVJnQx0ELVLv2yjLoqBPgMh_NolkCxDMX3wZxgB

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=3190200712&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280&nras=2&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=lJmYbRZbyP&p=https%3A//all-news.co&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 23 Apr 2023 16:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame C0B9 0
0 54ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hsx0k039pmmh1kc6yq07m6ewrv2cy4fmghqq56h94p4napps5hnkren6987tkgs5ksaeyj2y135a7w5ptx4gzzvxsj89rqv6nxm8xh2zf36nrq8n7d6f6awdmsdas1zpwtn3rgr8nzxj0y71bgmxwxp848jv3xk1xwkke034raqx3919w96espz401am7h50zqwktpfn7kzkb0zkwx2hh3j2grnrfqqd890etqzypfg9yn1gketra1hmr8ea8b7envf07hyqe21qema300sfx3mhpqthrce9s01v3drzac3x4a9qf7z9mp1v3j3cp1jejmmpvayx5hqdcvahpqypkx6x1phse8sa3g5andn3pg0xb9vapcd03xgk274516nyccdxzjb7k281xzq&b=ZEVfLgAMIZEKsuIRAAFdr2Xtp62dUQNbAlYtvg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 23 Apr 2023 16:39:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame A5CE 2 KB
2 KB 58ms
30ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k8eyd1353g68cbvwtwapvkyhznkpxkzx72ray9djt5stp5h6e8m7f218q6j2a07k4h032erbrgzxkd5k6xszck0qnec1pyp0aze4k35c9dczyxjzct1p21ygbzkfb4ct3k5pmrsc8596wdqkbp14psqq44tbsq89qwxas03d42rm61zzhk8hwnq629e3qecfn53515h1raj670tjwyvday7nmkcwe9eaxtxr6c2efe5f418gpvd3vefdt6h971v604dmv04a95j5cs4v2h80423cxpgmcfhejr60nd6veymvv52p4q7zhjbgx917yrj5r2p6pwyygjdjc4h2j8h11hpktqq8e6bqn74f4rsn2as1pqpgj312xhk6h4m804040w1m8ce8zgsx248xxqpb8e36beahqh887x4jx6vqdwbjnsr6mkv2y6892bwn53sbct64zfnfjz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%26client%3Dca-pub-8439024877331049%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=3190200712&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280&nras=2&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=lJmYbRZbyP&p=https%3A//all-news.co&dtd=24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b19673183512e55afcfa011edf11cb7a8d0daaea0bb80de2ad9891e7d910e2f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bc78a87aeef361b-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:39:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C0B9 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0071 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Sun, 23 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C0B9 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 06:15:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C0B9 0
0 16ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwLliG9OOVFd5hFb09ONEcgWi2HyTe_TNp5wNcBJOsgRAWtaZU5PoYJwddUGFXVkVgxyFH5NVKcpggQc-dZypUI1grFQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=3190200712&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280&nras=2&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=lJmYbRZbyP&p=https%3A//all-news.co&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0B9 159 KB
49 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Apr 2023 16:39:11 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 69EC 62 KB
23 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81fac6325b1f2079b58fe2257f06a8556902b77a50046b01c811aaf30655fac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1884
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23600
x-xss-protection: 0
server: cafe
etag: 5417508281733954414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 17:07:47 GMT

GET
H3 200 CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response
pagead2.googlesyndication.com/bg/ Frame A462 36 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14219
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 16:33:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BC89 9 KB
921 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=739071646&adf=2912998144&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280&nras=4&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3399&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=wYM4xEUUtT&p=https%3A//all-news.co&dtd=53

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Apr 2023 16:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Apr 2023 15:50:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Apr 2023 16:39:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame BC89 2 KB
765 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 16:53:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame BC89 21 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame BC89 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame BC89 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 06:15:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BC89 0
0 15ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRksdkrEnIwh_dkCNmujFmWRSktjEXQZLgKvzWsikyG6Romah6CCTdOsShojD_KpLhRTRccgGJXrf8ovxhL_33XCRgO4w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=739071646&adf=2912998144&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280&nras=4&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3399&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=wYM4xEUUtT&p=https%3A//all-news.co&dtd=53
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC89 159 KB
49 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Apr 2023 16:39:11 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame BC89 32 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 12:00:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BC89 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CluE8Ll9FZL-BMvSDxdwPiIGH2AaQi-KKcJeDqsyKEZ-bvuXpDxABIMzT7IIBYJXikIKgB6ABoZXy7QLIAQmpAm9kdFcwbrI-qAMByAPLBKoEvgFP0GeiwRv9Hm7IG4OfkrShdHFeclb6W9dya1KD1z70WgpFtolwdshOPBVZFRC_VaCYSgjsRwR_4M7uHFOr4wLseg3UVDt8QYzm08TQ8KqiUDkWyFNcwDY_9gh97C_cRogdAQaLm-0gWuzqtpJoBpHzYD4MzMmC9g6Qx5_XuiL_7IyLXDpYo2RnEwZZQtjF77A-0SvElP-iK0eyGbF2ZATLvqwe2yHP82ofWtD7_zLCFqfBDJndjrPH30hHr4g8wATml8yIqASSBQQIBBgBkgUECAUYBKAGLoAHx-qNkgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxC_U9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=fzhWqK4cdC8&uach_m=[UACH]&cid=CAQSPABygQiD5wNCRFO19X8oe-xvquT0csNiqedoC-PDm7esUVsu6yGD2DkycC_ZcAYoZbES0PhoobpDWvs2hRgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=739071646&adf=2912998144&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280&nras=4&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3399&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=wYM4xEUUtT&p=https%3A//all-news.co&dtd=53
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 23 Apr 2023 16:39:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10124073551029934258/ Frame BC89 29 KB
29 KB 11ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10124073551029934258/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9e91b3f9774fe3dc34aadf01aeee6bb22c83965b4f1562ce7936cc2057a3aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:40:44 GMT
x-content-type-options: nosniff
age: 79107
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29266
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 19:11:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 18:40:44 GMT

GET
DATA 200
OK truncated
/ Frame BC89 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BC89 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0071
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFiRdBvpd3RLWE1pbHx2rqw&google_cver=1&google_push=ATf1kGPPUBkq8l64JInqJJmAtU2uk2qHBn1oeQrU1UCCpBmcTkwn4U0Zbjv6NYk1-0cGh4PdM-5DAa4p2cV1wrIEwJ1b_eIOmm9oAHo
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ5OTIyOTE2NjM3MTYzMjQzMA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM9Pqbe_-UyG8cesyn8P3XM&google_cver=1

43 B
398 B

128ms
15ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM9Pqbe_-UyG8cesyn8P3XM&google_cver=1
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM9Pqbe_-UyG8cesyn8P3XM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0071
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEC3iM_xRgK7l9iz2ztYqeZQ&google_cver=1&google_push=ATf1kGNh9N01P7nfRXZZbkiSfhoNMAf0zPPhhTnxWW9lNGYA_Hblp2hKz6eaCky24GmsZ4M6e9erpeDpkKeIOwWF2To9q30bCr0-js4
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C7E4258CA81246948C1B678B3E9A4764&google_push=ATf1kGNh9N01P7nfRXZZbkiSfhoNMAf0zPPhhTnxWW9lNGYA_Hblp2hKz6eaCky24GmsZ4M6e9erpeDpkKeIOwW...

170 B
329 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C7E4258CA81246948C1B678B3E9A4764&google_push=ATf1kGNh9N01P7nfRXZZbkiSfhoNMAf0zPPhhTnxWW9lNGYA_Hblp2hKz6eaCky24GmsZ4M6e9erpeDpkKeIOwWF2To9q30bCr0-js4

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 23 Apr 2023 16:39:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C7E4258CA81246948C1B678B3E9A4764&google_push=ATf1kGNh9N01P7nfRXZZbkiSfhoNMAf0zPPhhTnxWW9lNGYA_Hblp2hKz6eaCky24GmsZ4M6e9erpeDpkKeIOwWF2To9q30bCr0-js4
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 22 Apr 2023 16:39:11 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0071 70 B
265 B 102ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELWJs4FqVfYp5ew0IfPq2ag&google_cver=1&google_push=ATf1kGMLCc4bFXA0DMwWRVKDV4Db53V1YwQuDrbZblaNJN-FTXsxcL0JRQy8D_1JdHS40potOpLjFr1EGM8rVgc5I7XPOqkTFBPlXg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=3190200712&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280&nras=2&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=lJmYbRZbyP&p=https%3A//all-news.co&dtd=24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0071
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB0rTwsvQGDUwZrF0OFlvYY&google_cver=1&google_push=ATf1kGOQeKMbqftyd06fiDwHGaneDMzi5PAarsJSMnJkdcor0slcrBPwnFTGuhpbVx_I9WGLKwRLUt-J...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB0rTwsvQGDUwZrF0OFlvYY&google_cver=1&google_push=ATf1kGOQeKMbqftyd06fiDwHGaneDMzi5PAarsJSMnJkdcor0slcrBPwnFTGuhpbVx_I9WGLKwR...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ4Nzc5MzI0ODc4ODY4NTcxNQ&google_push=ATf1kGOQeKMbqftyd06fiDwHGaneDMzi5PAarsJSMnJkdcor0slcrBPwnFTGuhpbVx_I9WGLKwRLUt...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ4Nzc5MzI0ODc4ODY4NTcxNQ&google_push=ATf1kGOQeKMbqftyd06fiDwHGaneDMzi5PAarsJSMnJkdcor0slcrBPwnFTGuhpbVx_I9WGLKwRLUt-JJ2AlmUZiaog0WgClUgi3pg

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ4Nzc5MzI0ODc4ODY4NTcxNQ&google_push=ATf1kGOQeKMbqftyd06fiDwHGaneDMzi5PAarsJSMnJkdcor0slcrBPwnFTGuhpbVx_I9WGLKwRLUt-JJ2AlmUZiaog0WgClUgi3pg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0071
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB0rTwsvQGDUwZrF0OFlvYY&google_cver=1&google_push=ATf1kGPFexICSQ3uvX8Gt23KS-RFftcjeGW5z35vOV9QXy6MphfJIgSyUgnCJtn60skIwgeZVA4D5-rS...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB0rTwsvQGDUwZrF0OFlvYY&google_cver=1&google_push=ATf1kGPFexICSQ3uvX8Gt23KS-RFftcjeGW5z35vOV9QXy6MphfJIgSyUgnCJtn60skIwgeZVA4...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcyMjgzODA3OTM0MTA5NzYyMA&google_push=ATf1kGPFexICSQ3uvX8Gt23KS-RFftcjeGW5z35vOV9QXy6MphfJIgSyUgnCJtn60skIwgeZVA4D5-...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcyMjgzODA3OTM0MTA5NzYyMA&google_push=ATf1kGPFexICSQ3uvX8Gt23KS-RFftcjeGW5z35vOV9QXy6MphfJIgSyUgnCJtn60skIwgeZVA4D5-rSteAc4SJftqZR0nqeJBv-ATY

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcyMjgzODA3OTM0MTA5NzYyMA&google_push=ATf1kGPFexICSQ3uvX8Gt23KS-RFftcjeGW5z35vOV9QXy6MphfJIgSyUgnCJtn60skIwgeZVA4D5-rSteAc4SJftqZR0nqeJBv-ATY
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0071
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMKAE1uSF5F3E-teK4KKg9k&google_cver=1&google_push=ATf1kGPWdubXAlkXoc1v8wX66lScO6k8_DXb8kzRzWDDKVZDo531L1JJrNdHAWEbGZTKz2vj2y7...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdUTVdJU0YtWi0zOTE3&google_push=ATf1kGPWdubXAlkXoc1v8wX66lScO6k8_DXb8kzRzWDDKVZDo531L1JJrNdHAWEbGZTKz2vj2y7-ud5zhsYH28FnOJEX8gZn5vyB_eA

170 B
232 B

22ms
21ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdUTVdJU0YtWi0zOTE3&google_push=ATf1kGPWdubXAlkXoc1v8wX66lScO6k8_DXb8kzRzWDDKVZDo531L1JJrNdHAWEbGZTKz2vj2y7-ud5zhsYH28FnOJEX8gZn5vyB_eA

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdUTVdJU0YtWi0zOTE3&google_push=ATf1kGPWdubXAlkXoc1v8wX66lScO6k8_DXb8kzRzWDDKVZDo531L1JJrNdHAWEbGZTKz2vj2y7-ud5zhsYH28FnOJEX8gZn5vyB_eA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 0071
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED2j_CtUZNYVrf_7E68FzTo&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGNkJL5Rqo_o64T0JrrZHqgyVSRqrYbr988P_k_sMa826BYBkNoqs6dq7HnEofdgcDX3mwDPHnKz8iwqOy_rsI3fluBhPQN_US20
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

49ms
49ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=3190200712&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280&nras=2&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=lJmYbRZbyP&p=https%3A//all-news.co&dtd=24
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Sun, 23 Apr 2023 16:39:11 GMT
pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0071 0
130 B 49ms
14ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KWcYmB-9Ve0B_HbntK8R_csj4Tm2NAGibsdD4xjUcqceTjVtwyPN1cnlUtzvt4iux38gY0uA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame C0B9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0f283ee9b1ce4f4c37ca29d4d95a74dc321684268f9876bf85f1547dcea4b31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame A5CE 94 KB
12 KB 26ms
25ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k8eyd1353g68cbvwtwapvkyhznkpxkzx72ray9djt5stp5h6e8m7f218q6j2a07k4h032erbrgzxkd5k6xszck0qnec1pyp0aze4k35c9dczyxjzct1p21ygbzkfb4ct3k5pmrsc8596wdqkbp14psqq44tbsq89qwxas03d42rm61zzhk8hwnq629e3qecfn53515h1raj670tjwyvday7nmkcwe9eaxtxr6c2efe5f418gpvd3vefdt6h971v604dmv04a95j5cs4v2h80423cxpgmcfhejr60nd6veymvv52p4q7zhjbgx917yrj5r2p6pwyygjdjc4h2j8h11hpktqq8e6bqn74f4rsn2as1pqpgj312xhk6h4m804040w1m8ce8zgsx248xxqpb8e36beahqh887x4jx6vqdwbjnsr6mkv2y6892bwn53sbct64zfnfjz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k8eyd1353g68cbvwtwapvkyhznkpxkzx72ray9djt5stp5h6e8m7f218q6j2a07k4h032erbrgzxkd5k6xszck0qnec1pyp0aze4k35c9dczyxjzct1p21ygbzkfb4ct3k5pmrsc8596wdqkbp14psqq44tbsq89qwxas03d42rm61zzhk8hwnq629e3qecfn53515h1raj670tjwyvday7nmkcwe9eaxtxr6c2efe5f418gpvd3vefdt6h971v604dmv04a95j5cs4v2h80423cxpgmcfhejr60nd6veymvv52p4q7zhjbgx917yrj5r2p6pwyygjdjc4h2j8h11hpktqq8e6bqn74f4rsn2as1pqpgj312xhk6h4m804040w1m8ce8zgsx248xxqpb8e36beahqh887x4jx6vqdwbjnsr6mkv2y6892bwn53sbct64zfnfjz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 1056870
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zVgriMEovJLgOCmO8t47fY%2BrU087MzNDK0efZIgw1mSxs1awtoj3vah3oEk%2FA4uhm2YiyVTgZg0IVFcpLyA2Xau67JrqvNZZni%2FMFZQgdSiZ3vEC5xkebR9zdkOacnIQMFxfXS8Mg0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7bc78a884fa3361b-FRA
expires: Sun, 23 Apr 2023 17:39:11 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A5CE 25 KB
10 KB 41ms
22ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k8eyd1353g68cbvwtwapvkyhznkpxkzx72ray9djt5stp5h6e8m7f218q6j2a07k4h032erbrgzxkd5k6xszck0qnec1pyp0aze4k35c9dczyxjzct1p21ygbzkfb4ct3k5pmrsc8596wdqkbp14psqq44tbsq89qwxas03d42rm61zzhk8hwnq629e3qecfn53515h1raj670tjwyvday7nmkcwe9eaxtxr6c2efe5f418gpvd3vefdt6h971v604dmv04a95j5cs4v2h80423cxpgmcfhejr60nd6veymvv52p4q7zhjbgx917yrj5r2p6pwyygjdjc4h2j8h11hpktqq8e6bqn74f4rsn2as1pqpgj312xhk6h4m804040w1m8ce8zgsx248xxqpb8e36beahqh887x4jx6vqdwbjnsr6mkv2y6892bwn53sbct64zfnfjz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 442403
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXPOGlHD4PYUFh3kjvr%2F%2FZLP5pky9%2BtO8brxqdfuNQbTQs6qOQD8USyrhi5AljDyM5cWdE46sI8Kr4G9QkV7etGs3X1CRb7kbrXLjtZUWW4c4TcJAq%2FEFetC7b%2B6NCdExi1dwNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7bc78a885fc3361b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Apr 2023 13:45:45 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 69EC 0
234 B 537ms
281ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lgtmwirn&chm=1&ctx=2&gqid=Ll9FZMj2C9CSywX2yorgDw&qqid=CMmN3Ly4wP4CFczxsgodSHUPQA&met.4=fb.s8~lb.t0~ol.ua~bdt.-j4~bpp.-7~idt.-7~dtd.-1~dt.-r&met.3=422.sx~733.td~748.to~749.to~742.td_d~735.u1_1~555.u2~739.u2~556.u2_1~738.u4~113.x2_1~112.x2_1&met.1=1.lgtmwhul~6.0~7.1~8.1~9.1~10.1~11.1~12.1~13.r8~14.rf~15.rl~16.u2~17.u2~18.u4~19.u4~20.u4~21.ua&met.7=CAUQCBgBMNsHOMIIaAFw1Ad4iYoCgAHdhwKIAcbYBbABAbgBAw~CBcQBhgBIPIHKPIHMIkIOBdo9Adw_Ad44OQGgAG04gaIAbTiBrABAbgBAw~CAkQChgBIPIHKPIHMPsHOAho9Adw-gd4g0WAAddCiAHtqgGwAQG4AQM~CB4QChgBIPMHKPMHMIoIOBho_gdwigh4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIPMHKPMHMIoIOBdo_gdwiQh41EGAAag_iAHrmQGwAQG4AQM~CE0QChgBIPMHKPMHMJcIOCRo_gdwlAh4tIYDgAGIhAOIAf30CbABAbgBAw~CBwQChgBIPMHKPMHMIsIOBho_gdwigh4lGmAAehmiAHG_gGwAQG4AQM~CCEQBBgBIIEIKIEIMLUIODVogQhwtAh4rAKwAQG4AQM~CCgQBRgBIJIIKJIIMJoIOAhokwhwmQh4vQOAAZEBiAGPAbABAbgBAw~CCgQChgBINEIKNEIMNwIOAto0ghw2gh43LoBgAGwuAGIAd_uA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0400 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Sun, 23 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BC89 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2f5b30ec2d810ca80a749b0b0b39b981b096e9e9a428e3aa583d5795749491e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame BC89 29 KB
29 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:16:02 GMT
x-content-type-options: nosniff
age: 127389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 05:16:02 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0400 0
104 B 420ms
22ms Image
text/plain 64.158.223.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMBr3XfrMtfIRIcezApnZpo&google_cver=1&google_push=Aer7DvJSJCW5h1fw9tJwB-3VB6UXn6pS64UHmdzp8OhQD9JWFbBYAp9ayTAnOWk59-a3mAIOimenb1aUUBp5IvpCvXxe0jWnJHSR3eXA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=739071646&adf=2912998144&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280&nras=4&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3399&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=wYM4xEUUtT&p=https%3A//all-news.co&dtd=53
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0400
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOx3P2j1elv2jldXmhRKgX4&google_cver=1&google_push=Aer7DvKuByPd4B3oUzLM6Y-CqOlr1vbS7GvG-mKJg0SdBlN-exfEQ1sesHYeyzjf5UQRBBOG910iCEU0TVV6opIy...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKuByPd4B3oUzLM6Y-CqOlr1vbS7GvG-mKJg0SdBlN-exfEQ1sesHYeyzjf5UQRBBOG910iCEU0TVV6opIyjylg7v5kDXhO-qdS

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKuByPd4B3oUzLM6Y-CqOlr1vbS7GvG-mKJg0SdBlN-exfEQ1sesHYeyzjf5UQRBBOG910iCEU0TVV6opIyjylg7v5kDXhO-qdS

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 23 Apr 2023 16:39:11 GMT
Server: MT3 830 785530e master zrh-pixel-x11 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKuByPd4B3oUzLM6Y-CqOlr1vbS7GvG-mKJg0SdBlN-exfEQ1sesHYeyzjf5UQRBBOG910iCEU0TVV6opIyjylg7v5kDXhO-qdS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 23 Apr 2023 16:39:10 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0400 70 B
264 B 33ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEN2JcKSFOLutYggDXBc6mJA&google_cver=1&google_push=Aer7DvKfg5U2iQvp8Ul2oYISPx8xhmyW6iT53SM1RUYo36shgPqNxfiPEC72UZsIE08DQdckGRTvnT6-Q__VdqKQp3qHH1toCC1-NQai
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=739071646&adf=2912998144&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1249&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280&nras=4&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3399&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=wYM4xEUUtT&p=https%3A//all-news.co&dtd=53
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0400
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEMWJTXKOYEPOUZPcjB3tjFE&google_cver=1&google_push=Aer7DvItj5pRQTM_1D7KIJ774azXH0og8OsIZXze_Wr6E2KOcCGerwj2eaJd-55ETpdLkxOgzoXv6bonPNnLpB1wVL9i_5a5041CGRiq
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aer7DvItj5pRQTM_1D7KIJ774azXH0og8OsIZXze_Wr6E2KOcCGerwj2eaJd-55ETpdLkxOgzoXv6bonPNnLpB1wVL9i_5a5041CGRiq&google_hm=Q0FFU0VNV0pUWEtPW...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aer7DvItj5pRQTM_1D7KIJ774azXH0og8OsIZXze_Wr6E2KOcCGerwj2eaJd-55ETpdLkxOgzoXv6bonPNnLpB1wVL9i_5a5041CGRiq&google_hm=Q0FFU0VNV0pUWEtPWUVQT1VaUGNqQjN0akZF

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 23 Apr 2023 16:39:11 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aer7DvItj5pRQTM_1D7KIJ774azXH0og8OsIZXze_Wr6E2KOcCGerwj2eaJd-55ETpdLkxOgzoXv6bonPNnLpB1wVL9i_5a5041CGRiq&google_hm=Q0FFU0VNV0pUWEtPWUVQT1VaUGNqQjN0akZF
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0400
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEACi3GRvJh2rkmbI0GKvx-U&google_cver=1&google_push=Aer7DvIvfnYOdlUX6a_xgXp-0_Z0DiVRhIm8yHfqn90LpbztHyrM8zIH918glbQt6QrkvkP7ZvffaJN5w072n7NEIc8u8GO...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIvfnYOdlUX6a_xgXp-0_Z0DiVRhIm8yHfqn90LpbztHyrM8zIH918glbQt6QrkvkP7ZvffaJN5w072n7NEIc8u8GOrj0sx06Q&google_hm=eS0zOHZzZjBSRTJwR0x...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIvfnYOdlUX6a_xgXp-0_Z0DiVRhIm8yHfqn90LpbztHyrM8zIH918glbQt6QrkvkP7ZvffaJN5w072n7NEIc8u8GOrj0sx06Q&google_hm=eS0zOHZzZjBSRTJwR0xyci5HV1JIcmw0NXFPbHI4WFVUeX5B

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 23 Apr 2023 16:39:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIvfnYOdlUX6a_xgXp-0_Z0DiVRhIm8yHfqn90LpbztHyrM8zIH918glbQt6QrkvkP7ZvffaJN5w072n7NEIc8u8GOrj0sx06Q&google_hm=eS0zOHZzZjBSRTJwR0xyci5HV1JIcmw0NXFPbHI4WFVUeX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0400
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RMWK5KyhThCnVNbWWp8YbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RMWK5KyhThCnVNbWWp8YbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJkqvuRwpwVUauOoYujErjSXjsShQyPsesMSQrnvefT_9G6MK7PnQh3qP5WFzT3v1MCZcL921yPIXJCvGwgnpCJgMPcELTPLqwl

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RMWK5KyhThCnVNbWWp8YbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJkqvuRwpwVUauOoYujErjSXjsShQyPsesMSQrnvefT_9G6MK7PnQh3qP5WFzT3v1MCZcL921yPIXJCvGwgnpCJgMPcELTPLqwl
date: Sun, 23 Apr 2023 16:39:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0400
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPW7mavw8Qo5DAlSCCw9sOI&google_cver=1&google_push=Aer7DvLXWTCipWm08eMRP7Re6fGUOFxSeu19niujJEHdeKWC1Chjog6NfRIWEKQO0IqiI_UvYLmjeCrkBmiE...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLXWTCipWm08eMRP7Re6fGUOFxSeu19niujJEHdeKWC1Chjog6NfRIWEKQO0IqiI_UvYLmjeCrkBmiEPCfz-rkknsA58Ag52nY

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLXWTCipWm08eMRP7Re6fGUOFxSeu19niujJEHdeKWC1Chjog6NfRIWEKQO0IqiI_UvYLmjeCrkBmiEPCfz-rkknsA58Ag52nY

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLXWTCipWm08eMRP7Re6fGUOFxSeu19niujJEHdeKWC1Chjog6NfRIWEKQO0IqiI_UvYLmjeCrkBmiEPCfz-rkknsA58Ag52nY
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0400 0
12 B 15ms
15ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JtmgaaQ2rjWp-PHSNzxu-kh7yisur8jVkW0IV-Z4IEPXAcePkdpBc_4WiShzhWN7b1N7lk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response
pagead2.googlesyndication.com/bg/ Frame FBD4 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14219
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 16:33:30 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame BC89 62 KB
23 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81fac6325b1f2079b58fe2257f06a8556902b77a50046b01c811aaf30655fac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1884
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23600
x-xss-protection: 0
server: cafe
etag: 5417508281733954414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 17:07:47 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A5CE 3 KB
4 KB 46ms
19ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1414
x-guploader-uploadid: ADPycds4_fkNWsUn9dqbK6vvrl69R7e2yptmTdP7xpUchNj65TN_2MLwN7wim7e5PV-VpnLQR6Er5SZaeY4xOYgj7O9fMJM4tduP
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmEvxozgm9GBnwGsFD96Vre8UAAM%2FDYgUdCxEp53Iph%2FBQ%2FO69ka%2FiRK%2FJYMBjjEXqIRt77mu%2BVcroc5nYtHK9be4D1xGEKj3ZpQtc8N87iFfbXwNdhYBnyXCk0%2B81Pyvs4LnOILwBq66imYlM7SDwxp"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7bc78a88dc33363f-FRA
expires: Sun, 23 Apr 2023 16:22:58 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 1DB4 2 KB
1 KB 26ms
26ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1551766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7bc78a88bbca382a-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 23 Apr 2023 16:39:11 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EwGImAEAXbhWyU9RKMqzmXPCExA5zFETpMZtpZY3wf3BiiUxu%2BeG2RazXUPKXYhKYvvHv9x346oq0gv4CaGKHNJ%2FMwXVmV1nvi3%2F1Lida0LQDlOYjLdKpT3PAgXBoe6mYEMiMk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 204 csi
csi.gstatic.com/ Frame BC89 0
45 B 400ms
286ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lgtmwiwh&chm=1&ctx=2&gqid=Ll9FZKquMZ6JxdwP-NOC2AY&qqid=CL_QgL24wP4CFfRBkQUdiMABaw&met.4=fb.e6~lb.hb~cmrload.ig~ol.ir~bdt.-106~bpp.-1g~idt.-1g~dtd.0~dt.-1h&met.3=733.he~748.hq~742.he_e~739.hw~555.i9~556.i9_1~738.iq~749.iq_2~735.iw_1~113.kv_1~112.ku_1&met.1=1.lgtmwibm~6.1~7.1~8.1~9.1~10.1~12.1~13.da~14.di~15.dp~16.hw~17.hw~18.hw~19.ij~20.ij~21.is&met.7=CAUQCBgBMOYDOKMFaAFw3gN416QCgAGrogKIAZDXBrABAbgBAw~CBIQBxgBIPQDKPQDMIQEOBBo9ANwhAR4qQmAAf0GiAHHRaoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBIPQDKPQDMPwDOAho9QNw-wN4jgiAAeIFiAGRDLABAbgBAw~CAkQChgBIPQDKPQDMP0DOAlo9QNw-wN4g0WAAddCiAHtqgGwAQG4AQM~CB4QChgBIPQDKPQDMIsEOBdoggRwigR4gAyAAdQJiAGBFbABAbgBAw~CBsQBhgBIPQDKPQDMJEEOB0~CBwQChgBIPQDKPQDMP4DOApo9QNw_AN41EGAAag_iAHrmQGwAQG4AQM~CE0QChgBIPQDKPQDMKMEOC9oggRwnQR4tIYDgAGIhAOIAf30CbABAbgBAw~CBsQChgBIPQDKPQDMIoEOBY~CCEQBBgBIIQEKIQEMLkEODRohQRwuAR4rAKwAQG4AQM~CBcQAhgBIIcEKIcEMJQEOA1oiwRwkgR4_uYBgAHS5AGIAdLkAbABAbgBAw~CBwQBRgBIO4EKO4EMPcEOAlo8ARw9gR4lgeAAeoEiAGWCbABAbgBAw~CCgQChgBIKcFKKcFMK8FOAlopwVwrQV43LoBgAGwuAGIAd_uA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame C0B9 62 KB
23 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81fac6325b1f2079b58fe2257f06a8556902b77a50046b01c811aaf30655fac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1884
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23600
x-xss-protection: 0
server: cafe
etag: 5417508281733954414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 17:07:47 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame A5CE 1 KB
2 KB 39ms
39ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b712db8300435e1b7f506938fcbf6cf285b7d680e476dd9aacd3e2a1864ec1b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zE1cXRAz6zdWTPXRhkMmTaj0vBqd4P1eNHH0FSdadpRSV00RZoWY%2BdJqjVChV86cj0o%2FxGyQZGYswNJvwZeCg54Ee7jKz3oksEptnLTg79vyT7GCNQcajIWMaJrELOXTqjUyy9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7bc78a896c569bf5-FRA
x-backend-server: aa-reachservice-group-europe-west1-d04m
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 41ms
31ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bc78a893c129bf5-FRA
content-length: 24
content-type: text/plain
date: Sun, 23 Apr 2023 16:39:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUQU2mvGHotM2GGxODuZtWHxCk8%2BePGGv30tvEIUPh1nG2mFmvoCCVRWhbntKker0Dp4V6wwpOcr7bR%2FChi4NRLhaOUIvCLo2RD%2FqvJvhK5tuBDvowaEnpIM%2B6TbygzjiAN1pTo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-d04m

POST
H2 204 csi
csi.gstatic.com/ Frame C0B9 0
54 B 378ms
281ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lgtmwix2&chm=1&ctx=2&gqid=Ll9FZLjTL5uQygWr35HABw&qqid=CJGS_7y4wP4CFRHisgodr10Bgw&met.4=fb.6~cmrload.1l~lb.2v~ol.7r~bdt.-1dh~bpp.-er~dtd.-e4~dt.-es&met.3=733.2y~748.39~749.3a~742.2y_f~739.3d~735.3x_1~738.7r~113.85_1~113.86~112.85_1&met.1=1.lgtmwiox~14.4~15.0~16.4~17.4~18.4~19.4~20.4~21.4~1.lgtmwiau~6.0~7.0~8.0~9.0~10.0~12.1~13.dj~14.dk~15.dn~16.ep~17.ep~18.ep~19.lu~20.lu~21.lu&met.7=CCEQBBgBIAgoCDA9ODZoCHA8eKwCsAEBuAED~CBsQBCAIODY~CBsQBSAIOI8C~CB4QChgBIAkoCTAROAhoCXAPeIAMgAHUCYgBgRWwAQG4AQM~CBwQBRgBIAooCjASOAhoC3AReJYHgAHqBIgBlgmwAQG4AQM~CBwQChgBIAooCjAROAdoCnAReNRBgAGoP4gB65kBsAEBuAED~CBsQBhgBIAooCjAaOBA~CE0QChgBIAooCjAtOCNoC3AoeLSGA4ABiIQDiAH99AmwAQG4AQM~CCgQChgBIJgCKJgCMKMCOAtomAJwnwJ43LoBgAGwuAGIAd_uA7ABAbgBAw~CAUQCBgBMOgDOJIGaAFw5wN45G6AAbhsiAGiqAKgAYX8_________wGwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 425D 10 KB
4 KB 31ms
31ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

522f3268a3976e8154626a407c97a2ea7042a15edf1e46d0457b9bf1a9d27ec9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k8eyd1353g68cbvwtwapvkyhznkpxkzx72ray9djt5stp5h6e8m7f218q6j2a07k4h032erbrgzxkd5k6xszck0qnec1pyp0aze4k35c9dczyxjzct1p21ygbzkfb4ct3k5pmrsc8596wdqkbp14psqq44tbsq89qwxas03d42rm61zzhk8hwnq629e3qecfn53515h1raj670tjwyvday7nmkcwe9eaxtxr6c2efe5f418gpvd3vefdt6h971v604dmv04a95j5cs4v2h80423cxpgmcfhejr60nd6veymvv52p4q7zhjbgx917yrj5r2p6pwyygjdjc4h2j8h11hpktqq8e6bqn74f4rsn2as1pqpgj312xhk6h4m804040w1m8ce8zgsx248xxqpb8e36beahqh887x4jx6vqdwbjnsr6mkv2y6892bwn53sbct64zfnfjz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%26client%3Dca-pub-8439024877331049%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bc78a89bd67382a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:39:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 425D 94 KB
12 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 1056870
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zNgs7AsdUgrqciWq4t1%2FG9xMTrZeoizVJg0Nz3amuhNZalZi7lI3lWF8l0r5JoqtFh7NJNsYTbGU%2FTquwcXiBr6SLjmjaENF3h4YTrp9hJJbEsPQ%2B7izB6bb8Aq0LhTy79txnjMUDA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7bc78a89edaf382a-FRA
expires: Sun, 23 Apr 2023 17:39:11 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 425D 5 KB
5 KB 37ms
19ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933071
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBGQh5cH3%2FT38DOh%2F93cj9y0YT9B94z4F252OscKnRt3LQuAhjnFh8T4%2FkpXjTbkahz8m6KsfQ28pGvLaCM7kiElCpfHvPkhntdCG7OwSEwIVW5Y6TilzJgjJdPnO09pwaqwEeMbBAhMICX4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bc78a8a0a3d361b-FRA
expires: Mon, 24 Apr 2023 16:39:11 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 425D 91 KB
91 KB 43ms
25ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 334523
cf-polished: origSize=105738, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92686
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SuL7zyzKB5aqP%2FPJRctHnZMNTIbc1eElZzz4qAFp%2B2BsT01LfWsuwDFI3mVb%2Fh6XMLmWb3FVXfmFbVkwGbS3yiSYC7nQPVcCyChJNl5oZavBdGng9gUuKU%2FnUZs2qdmUdEVgMPo4vORlstK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bc78a8a0a3e361b-FRA
expires: Mon, 24 Apr 2023 16:39:11 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 425D 2 KB
3 KB 42ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1471226
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aF4GtgYexxz0oJy6pnewFtSVyqCQYKpIkXwAjtdQIlJ3E8hBMDrM3yKbhi0zMvFivdzVExzTqrZbLNOSPjuiLyyBE6pB0SYEo8zt4lSbgm4dpsy388J%2BKzXJFA0dtOCkAASWflOZqB4dyYjS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bc78a8a0a35361b-FRA
expires: Mon, 24 Apr 2023 16:39:11 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 425D 339 KB
340 KB 38ms
20ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1682299
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DlBbYmPyyKLQSGVUhIrA5IzV5bkFJqA0sNYSJSNrguH9Zy1RBtIc0YUC7FkNwpgQdnQKmfSKIBv9dTuui7w25uP3kWrNe1HvmU2u2n0t2iX7IlfjtuPMKj6ams%2Bh%2FLKmBNDEMkQ124vx4D%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bc78a8a0a3a361b-FRA
expires: Mon, 24 Apr 2023 16:39:11 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 425D 43 B
703 B 120ms
77ms Image
image/gif 23.210.125.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.210.125.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-125-176.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Apr 2023 16:39:11 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 425D 36 KB
36 KB 36ms
19ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681827
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egvmgwG5AS789Aq6Kj4K3rcRkvpYWrTVgZ3crc0ZXonlpNUx8Vlzyd0cIGOgkU7wnzjJikYjGYDirm%2FvI2okcpwiX62%2FKceMftYb0MSJiRG%2BMsDxiX3TgK6T02QWdBqiBs1X%2F7GHrIM7epKz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bc78a8a0a37361b-FRA
expires: Mon, 24 Apr 2023 16:39:11 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 425D 28 KB
29 KB 34ms
17ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681827
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhTCQWJA1CVoXpra0ciBcf4Wf%2FbUn%2Ff6xTVFcTjK%2F1OtYkZ1mztqHbVUZrQNNWxIbXssJh9v%2B0y%2B9f0xgkHcYYvO1DRlFIgjNzYiB4cAV8vMY0ETlQmGoKNZjCSrYlQ4R9vrC6d%2B3%2BAAaAG6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bc78a8a0a39361b-FRA
expires: Mon, 24 Apr 2023 16:39:11 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 425D 43 B
703 B 98ms
56ms Image
image/gif 23.210.125.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.210.125.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-125-176.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Apr 2023 16:39:11 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 425D 2 KB
2 KB 151ms
91ms Script
text/html 18.132.51.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jyg05bt581y3dfsnxnh39ax8pvc566qvdbnpnsh9bg9bqqe8pgg7vdt1p7h2qa60fe122ph82r6h0mmy6mqxz74va4kb52g5tfveej38h2n8ajb3rnx35nq2j6mz4fvn8qj44xsxc6apn532m8rp3actayv3xbqjkxc6xfx870wajabx2qr5fwp9e38s76t7wsv787ejsak9ff3qeewty3jb67dxmfvz6t4v5j89sy71fgcq5dyywhpape0gn2jnk45w%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.51.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-51-149.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: f041e67172d6e80a08affef4f2c399244f7400184361f40072f16d7753866b64

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:11 GMT
last-modified: Sun, 23 Apr 2023 16:39:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 23 Apr 2023 16:40:11 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 425D 85 KB
31 KB 57ms
7ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jyg05bt581y3dfsnxnh39ax8pvc566qvdbnpnsh9bg9bqqe8pgg7vdt1p7h2qa60fe122ph82r6h0mmy6mqxz74va4kb52g5tfveej38h2n8ajb3rnx35nq2j6mz4fvn8qj44xsxc6apn532m8rp3actayv3xbqjkxc6xfx870wajabx2qr5fwp9e38s76t7wsv787ejsak9ff3qeewty3jb67dxmfvz6t4v5j89sy71fgcq5dyywhpape0gn2jnk45w%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:19:46 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 39872
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 5FYCJdmCrXq23DrdKy9FZXKPwAXkniPtobho3h-I3LD_TE_ch9vrAA==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 425D 15 KB
15 KB 35ms
7ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1682268251&Signature=HRPu1gUcVTUJVJh4S3oG89FOk~Gnm8mrW0s6Y3lPSoefuE2j2lU~AJL3vU8FcUzXqLyKyL12KNB4wHHgaOYXtLW~pVFj8LjT3fEEaxIFyjKFJrFCfQeYIEkGaxhuqW1FZre3W-QUb1csysRWjNxrqD6qJ7aww32WmeaKFZ7jxn79P127W5ygH2wEGMfOr0nQchPyqmgLBhQlIwv8ybXBaAsNHQwtBZ-9gl0krz1YSUBD7fFkD2~3uZi7EdPZXgDccVHxvIb5CPWqRqiBNCI8YohbGywQj1AYd~fNTlzRPkIsW2i2-PpmX9wdWriHPZPk-AIJlLt~DC~nMdxdqRpR7g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 23 Apr 2023 06:04:44 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 38068
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: LfiMnMY5xuUWhurFPXCnsfP36ISy5-LvaRkIP8T17-AMSBmpf9RY8g==

GET
H3 200 css
fonts.googleapis.com/ Frame E492 9 KB
921 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3063935215&adf=3512139489&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1248&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250&nras=3&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lCtNntHLBC&p=https%3A//all-news.co&dtd=50

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Apr 2023 16:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Apr 2023 15:28:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Apr 2023 16:39:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame E492 2 KB
765 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 16:53:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E492 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdvIHLl9FZNuCMviAxdwP1_mJ-AXTtMbJb5__vJL3EAoQASDM0-yCAWCV4pCCoAegAeyz8sAByAEJqAMByAPLBKoExwFP0MtnldRYNsbI9boTSALmfbpsO1fLm8M0juwQ_MzWI4lc5cT5i-atO_u4pV8Ej6Hp1Np-DyQKQM2P3dZxB-nPGhibrjOQMbq2ZjZ8-1Lkxi2KiAa_67qK-WMDVe-kzqZupkJZ3a7oEMQrSQ1AduthsjpcOTVeKzN77pjRnDAdWkLCpInWucbgdk1aSUnxbPmDGDNnfyEM9Y9wbhB2KmUJ5AmSmmjxDfNLCxR-BNT5ir7xcHZOpBioJzAhi_-2_oibxBib8q-DwATT39y2nASSBQQIBBgBkgUECAUYBKAGLoAH_MuNvwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDeeNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=40jWvAy0Eko&uach_m=[UACH]&cid=CAQSPABygQiDT4Ri8J29Dp8DcDUF8QnM8SDZE5nWCRXM7Ybcdw2HVfcu-8Q74a3RToDfIB7QLwWq4ih4DNGIgBgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3063935215&adf=3512139489&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1248&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250&nras=3&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lCtNntHLBC&p=https%3A//all-news.co&dtd=50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 23 Apr 2023 16:39:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15362233715595559394/ Frame E492 39 KB
39 KB 7ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15362233715595559394/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3de691ce0621759ef92fcca16a46d3c4233ae72ba31a8c16f7b9fbbf0d6bdd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:16:30 GMT
x-content-type-options: nosniff
age: 69762
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40195
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 16:56:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 21:16:30 GMT

GET
DATA 200
OK truncated
/ Frame E492 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E492 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame E492 21 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame E492 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame E492 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 06:15:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E492 0
0 14ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTl9zyOHpJDAjpniw55Nebr_aC244grfOAmrVHRnsr_paZN24wrD5pIFJ85FoT1WBa-s4AxVjiI215oOFh9bkADHT2Frw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3063935215&adf=3512139489&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1248&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250&nras=3&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lCtNntHLBC&p=https%3A//all-news.co&dtd=50
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E492 159 KB
49 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Apr 2023 16:39:12 GMT

GET
H3 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame E492 32 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 12:00:35 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 11B5 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77927
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Sun, 23 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E492 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7a590e84fc1a009a77c4935ccf63e0dd22c894a164f53526594f76ea4c0c6d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 11B5 35 B
464 B 46ms
8ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKcWahkqZdQgn8q-U9LDuUo&google_cver=1&google_push=ATf1kGPwvr95qzKv9f5f3HMp1C7zO22Wv4kBLDRmmBLZksQJsxCJgLMR4SUamXQeWIzoHpmQi5Q8byBC3X94r8AIgSkaSoqyNKPlCA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 11B5 0
103 B 14ms
12ms Image
text/plain 64.158.223.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENI-KG5WbO9eyOt0gagnQBM&google_cver=1&google_push=ATf1kGMv2O9U_3sn2yG40YOq9T5GSpcHd6YDx-CjaoJBEfXJ2WqsocMtyzfUIafaBbAKkc7eAzxKhFXOrNW093gii3GKMAuRrk9NTw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=3063935215&adf=3512139489&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1682267950&rafmt=1&to=qs&pwprc=3183826420&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267950733&bpp=1&bdt=1248&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250&nras=3&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lCtNntHLBC&p=https%3A//all-news.co&dtd=50
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 11B5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBpo84SicywAzj50anbSFIQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBpo84SicywAzj50anbSFIQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NEhrTm9ZdHExUFFDSzQ1&google_gid=CAESEBpo84SicywAzj50anbSFIQ&google_cver=1&google_push=ATf1kGOC06iCT5d-LwUmwcW4lU5KPTbEIF1_IweTxowhMx2...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NEhrTm9ZdHExUFFDSzQ1&google_gid=CAESEBpo84SicywAzj50anbSFIQ&google_cver=1&google_push=ATf1kGOC06iCT5d-LwUmwcW4lU5KPTbEIF1_IweTxowhMx2NONLaQcyOiy-daJNGht4loDezfHEF2xGqF6ULQxbelUi2xYrMcsMM

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 23 Apr 2023 16:39:12 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-05bcdf9d4cddcb229@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NEhrTm9ZdHExUFFDSzQ1&google_gid=CAESEBpo84SicywAzj50anbSFIQ&google_cver=1&google_push=ATf1kGOC06iCT5d-LwUmwcW4lU5KPTbEIF1_IweTxowhMx2NONLaQcyOiy-daJNGht4loDezfHEF2xGqF6ULQxbelUi2xYrMcsMM
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 11B5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEO68Q06YmVvpmJp1Ev9effU&google_cver=1&google_push=ATf1kGMkG3S1i4O0_eooT_vTqasf6yuCWDOb-YEmF07MVxu4EqPj53Qc1ua6S_N7PtbQRjg5wdoyRo6t2N6cyUcglmw_N2DueGnzJA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C7E4258CA81246948C1B678B3E9A4764&google_push=ATf1kGMkG3S1i4O0_eooT_vTqasf6yuCWDOb-YEmF07MVxu4EqPj53Qc1ua6S_N7PtbQRjg5wdoyRo6t2N6cyUc...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C7E4258CA81246948C1B678B3E9A4764&google_push=ATf1kGMkG3S1i4O0_eooT_vTqasf6yuCWDOb-YEmF07MVxu4EqPj53Qc1ua6S_N7PtbQRjg5wdoyRo6t2N6cyUcglmw_N2DueGnzJA

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 23 Apr 2023 16:39:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C7E4258CA81246948C1B678B3E9A4764&google_push=ATf1kGMkG3S1i4O0_eooT_vTqasf6yuCWDOb-YEmF07MVxu4EqPj53Qc1ua6S_N7PtbQRjg5wdoyRo6t2N6cyUcglmw_N2DueGnzJA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 22 Apr 2023 16:39:12 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 11B5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFWlErA0RcaNUUkZnHV2WBY&google_cver=1&google_push=ATf1kGMCtuSroYbfc7K4h_MAQ3dScWrTEBbCKwIL2cOVFV1tOkVid0sNK8-Bir_0P52ZMuDQqqEJaJd58BsaUO...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNTI4NTgzNjk1MzQ4MzQwNA%3D%3D&google_push=ATf1kGMCtuSroYbfc7K4h_MAQ3dScWrTEBbCKwIL2cOVFV1tOkVid0sNK8-Bir_0P52ZMuDQqqEJaJd58BsaUOvQ1q...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNTI4NTgzNjk1MzQ4MzQwNA%3D%3D&google_push=ATf1kGMCtuSroYbfc7K4h_MAQ3dScWrTEBbCKwIL2cOVFV1tOkVid0sNK8-Bir_0P52ZMuDQqqEJaJd58BsaUOvQ1qkHErC5JB1aXA

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNTI4NTgzNjk1MzQ4MzQwNA%3D%3D&google_push=ATf1kGMCtuSroYbfc7K4h_MAQ3dScWrTEBbCKwIL2cOVFV1tOkVid0sNK8-Bir_0P52ZMuDQqqEJaJd58BsaUOvQ1qkHErC5JB1aXA
Date: Sun, 23 Apr 2023 16:39:12 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 11B5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJRkgP6FB7Jl3gYB8ryjW8w&google_cver=1&google_push=ATf1kGPdfs8JOGwu9XloehEEq9m5_YxLdz7b7TYaJRJwrjrhq2_DAXmwd_A5FB6g_iqH95Gh4drJQL2Q...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ4Nzc5MzI0ODc4ODY4NTcxNQ&google_push=ATf1kGPdfs8JOGwu9XloehEEq9m5_YxLdz7b7TYaJRJwrjrhq2_DAXmwd_A5FB6g_iqH95Gh4drJQL...

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ4Nzc5MzI0ODc4ODY4NTcxNQ&google_push=ATf1kGPdfs8JOGwu9XloehEEq9m5_YxLdz7b7TYaJRJwrjrhq2_DAXmwd_A5FB6g_iqH95Gh4drJQL2Qf-ZcGpR-l8gv-Dr2w3kM9A

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ4Nzc5MzI0ODc4ODY4NTcxNQ&google_push=ATf1kGPdfs8JOGwu9XloehEEq9m5_YxLdz7b7TYaJRJwrjrhq2_DAXmwd_A5FB6g_iqH95Gh4drJQL2Qf-ZcGpR-l8gv-Dr2w3kM9A
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 11B5
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RMWK5KyhThCnVNbWWp8YbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RMWK5KyhThCnVNbWWp8YbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMA5FEcUzg9vDqR4yPatdXO0EM0lqNxOZeKrHUrolJ8HoLOt61lV61_Nya2GY49Zz54vnF1k_5xW-XM0cjYix6rq_xyeDYuCQ

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RMWK5KyhThCnVNbWWp8YbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMA5FEcUzg9vDqR4yPatdXO0EM0lqNxOZeKrHUrolJ8HoLOt61lV61_Nya2GY49Zz54vnF1k_5xW-XM0cjYix6rq_xyeDYuCQ
date: Sun, 23 Apr 2023 16:39:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 11B5 0
12 B 16ms
15ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JlhkH7XkqnNPmmRSIRhCuda-Z_uO0sFATddjxF2g-UvctKWns9KxV4HWbT-X4Lie7g-gId

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame E492 29 KB
29 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:16:02 GMT
x-content-type-options: nosniff
age: 127390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 05:16:02 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 83ms
83ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230418&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

146ee4804b68d656b891cc5597513ba483730afa8549cc612f1fff0f14e74e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11267
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1211 76 KB
25 KB 1342ms
1342ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=1240227622&pi=t.ma~as.1203090826&w=300&lmt=1682267952&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267952159&bpp=1&bdt=2675&idt=2&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280%2C1200x280%2C1005x124&nras=5&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&psts=AHQMDFdAtfEGjFWkhhvLti82c0_wqH2argVzjdnWtXgqkd7RAfhxSfqyYbwqI_6nC02LtFpwMlwbrUVPgXC3K7UMp-DdZeCm3a3vvsVREoaqBoX_mN5ATQ%2CAHQMDFeklGvliAIAiq0SHwCdGWy7f-V98axxYmH5FfAzTJDZYzEB1cTnoPlo8ze7jXq7trbRWE6t_oQaO94dUoksmzII7dES%2CAHQMDFdQdKH-533GTRofnvam-KQwe0_dKlzxfwr-zKjhWr1rj4Xkor8Rh0t31yRT-E8ZU2cKGQCbv43JumRglW5c5YNzNFBf%2CAHQMDFd5M8uq5Lsl18DVdl8p6OZUHaQMbB5kclQ80Qtp3kiRYEcZ2JFq-OhYPc6FJ-HhT_bGk-df_UVp3n4dtN8PfbSE4agg&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=xP7c3NNoHI&p=https%3A//all-news.co&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f74c25ba6427f3af9afc1451c31a216be6e42576be69045ba3b55da79313ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 25311
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:39:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 3408-help-me-retire-at-55-years-old-i-will-have-worked-for-30-years-what-are-the-pros-and-cons-of-retiring-at-that-age.jpg
all-news.co/wp-content/uploads/2023/04/ 163 KB
163 KB 13ms
12ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3408-help-me-retire-at-55-years-old-i-will-have-worked-for-30-years-what-are-the-pros-and-cons-of-retiring-at-that-age.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 62d433a746802bb703b1f2562d12e16cfe54b3500cd138fc0bc4749262155c45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 08:43:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "28bcb-5f9fce1f428c1"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 166859

GET
H3 200 CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F63 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14219
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 16:33:30 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame E492 62 KB
23 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81fac6325b1f2079b58fe2257f06a8556902b77a50046b01c811aaf30655fac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1885
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23600
x-xss-protection: 0
server: cafe
etag: 5417508281733954414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 17:07:47 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame BC89 0
54 B 284ms
282ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~lgtmwiwl&chm=1&ctx=2&gqid=Ll9FZKquMZ6JxdwP-NOC2AY&qqid=CL_QgL24wP4CFfRBkQUdiMABaw&met.6=6.1_CgsY0wogQioECAgSAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ED04 42 B
64 B 114ms
114ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwGykCazSicLvWkmioGlDTqelHEHbQQ1y4q9Wr2EiGMqm5yRJCfq-oDuXb0LIpLsZICBUex0tY63B0DGuPghlljIisWtxR15HWL9AUKTUFKALe3NurwuwcqWGqNMsKAtU7TLQkVw&sai=AMfl-YSfXDJolnzwzxpAyppv9UeBtkED4ykqxleJRalQsDjIDgFb2lYvjPYC_lAOqUxos2EW25jLkcRhL5v_&sig=Cg0ArKJSzCHCAF_i4Um5EAE&cid=CAQSGwBygQiDHgkJ9PGSSwfwEhwJ27BMNoxLic57TxgB&id=lidar2&mcvt=1011&p=0,0,124,1005&mtos=91,771,1011,1124,1193&tos=91,680,240,113,69&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682267950821&rpt=214&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 3406-kenji-bahar-throws-a-beautiful-25-yard-td-to-help-the-gamblers-tie-the-game-against-the-breakers.jpeg
all-news.co/wp-content/uploads/2023/04/ 4 KB
4 KB 13ms
13ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3406-kenji-bahar-throws-a-beautiful-25-yard-td-to-help-the-gamblers-tie-the-game-against-the-breakers.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: b3327ef16835aa5bc88f852504d8b7d728e7f1984e5a062e4896af5f19052a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 04:43:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "e6d-5f9f98849dcb9"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3693

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 23 Apr 2023 16:39:12 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame BC89 0
54 B 283ms
283ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~lgtmwjfs&chm=1&ctx=2&gqid=Ll9FZKquMZ6JxdwP-NOC2AY&qqid=CL_QgL24wP4CFfRBkQUdiMABaw&met.6=6.1_CgsYsAsgOSoECAgSAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 3400-wrexham-confirm-return-to-football-league-as-reynolds-and-mcelhenney-bask-in-mullin-brilliance.jpg
all-news.co/wp-content/uploads/2023/04/ 351 KB
351 KB 13ms
13ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3400-wrexham-confirm-return-to-football-league-as-reynolds-and-mcelhenney-bask-in-mullin-brilliance.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 7ab31547e748e92d3c8227c1be66e733a2287ab2137a1f35d808fbe9d1487d7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 03:44:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "57bd4-5f9f8b5a0740d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 359380

POST
H2 204 csi
csi.gstatic.com/ Frame E492 0
54 B 282ms
282ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lgtmwjhp&chm=1&ctx=2&gqid=Ll9FZOmWMZKJygW_w43YDQ&qqid=CNvRgL24wP4CFXhAkQUd13wCXw&met.4=fb.105~lb.10t~cmrload.117~ol.127~bdt.-103~bpp.-1e~dtd.-1~dt.-1f&met.3=733.11d~748.11n~742.11d_c~555.11v~739.11v~556.11v_1~738.125~749.125_2~735.14b_1~113.166_1~112.165_1&met.1=1.lgtmwibk~6.0~7.0~8.0~9.0~10.0~12.0~13.zx~14.105~15.zz~16.11u~17.11u~18.11w~19.11x~20.11x~21.126~22.10q~23.10q&met.7=CAUQCBgBMJUKON8KaAFwjgp4q6MCgAH_oAKIAYPYBrABAbgBAw~CBIQBxgBIJUKKJUKMK4KOBpolQpwrgp4qQmAAf0GiAHHRaoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBIJUKKJUKMJwKOAdolgpwmwp4jgiAAeIFiAGRDLABAbgBAw~CCEQBBgBIJsKKJsKMNAKODZomwpwzwp4rAKwAQG4AQM~CBcQAhgBIJwKKJwKMKgKOAxonQpwowp4r7wCgAGDugKIAYO6ArABAbgBAw~CAkQChgBIJ8KKJ8KMKcKOAhonwpwpQp4g0WAAddCiAHtqgGwAQG4AQM~CBwQChgBIJ8KKJ8KMKgKOAhooApwpwp41EGAAag_iAHrmQGwAQG4AQM~CB4QChgBIJ8KKJ8KMKgKOAlooApwqAp4gAyAAdQJiAGBFbABAbgBAw~CBsQBhgBIKAKKKAKMK4KOA4~CBsQChgBIKAKKKAKMKcKOAc~CE0QChgBIKAKKKAKMLcKOBdooApwswp4tIYDgAGIhAOIAf30CbABAbgBAw~CBwQBRgBIKoKKKoKMLEKOAhoqwpwsQp4lgeAAeoEiAGWCbABAbgBAw~CCgQChgBIKILKKILMKsLOAloogtwqAt43LoBgAGwuAGIAd_uA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E492 0
54 B 276ms
276ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~lgtmwjib&chm=1&ctx=2&gqid=Ll9FZOmWMZKJygW_w43YDQ&qqid=CNvRgL24wP4CFXhAkQUd13wCXw&met.6=6.1_CgsY1QogQioECAgSAAoLGLMLIDkqBAgIEgA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3408-help-me-retire-at-55-years-old-i-will-have-worked-for-30-years-what-are-the-pros-and-cons-of-retiring-at-that-age.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 62d433a746802bb703b1f2562d12e16cfe54b3500cd138fc0bc4749262155c45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 08:43:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "28bcb-5f9fce1f428c1"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 166859

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 732C 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9151
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 14:06:41 GMT
expires: Mon, 22 Apr 2024 14:06:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 88FD 783 B
534 B 16ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5a5411cdc7ddb1721f3e2dfa49242b7826b06c02c614d54549ceb9dfa68b9ba2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--GP1bUulTqrGwEaz4XlPYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce--GP1bUulTqrGwEaz4XlPYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 16:39:12 GMT
expires: Sun, 23 Apr 2023 16:39:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 3402-guardiola-makes-scared-comment-about-man-utd-and-admits-he-has-lost-battle-with-grumpy-star.jpg
all-news.co/wp-content/uploads/2023/04/ 125 KB
126 KB 13ms
13ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3402-guardiola-makes-scared-comment-about-man-utd-and-admits-he-has-lost-battle-with-grumpy-star.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: e8f927e471a3e0424531f0abb7c913577d6c99a3e8d8a2b381e5741def1fdc9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 03:44:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1f4c9-5f9f8b5a69270"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 128201

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3406-kenji-bahar-throws-a-beautiful-25-yard-td-to-help-the-gamblers-tie-the-game-against-the-breakers.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: b3327ef16835aa5bc88f852504d8b7d728e7f1984e5a062e4896af5f19052a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 04:43:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "e6d-5f9f98849dcb9"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3693

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 88FD 0
0 107ms
107ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230418&jk=1673488326325570&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response
pagead2.googlesyndication.com/bg/ Frame 732C 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14219
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 16:33:30 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3406-kenji-bahar-throws-a-beautiful-25-yard-td-to-help-the-gamblers-tie-the-game-against-the-breakers.jpeg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: b3327ef16835aa5bc88f852504d8b7d728e7f1984e5a062e4896af5f19052a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 04:43:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "e6d-5f9f98849dcb9"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3693

POST
H2 204 csi
csi.gstatic.com/ Frame BC89 0
54 B 277ms
276ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=4~lgtmwjia&chm=1&ctx=2&gqid=Ll9FZKquMZ6JxdwP-NOC2AY&qqid=CL_QgL24wP4CFfRBkQUdiMABaw&met.6=6.1_CgsY3wwgOyoECAcSAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E492 0
54 B 280ms
280ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~lgtmwjic&chm=1&ctx=2&gqid=Ll9FZOmWMZKJygW_w43YDQ&qqid=CNvRgL24wP4CFXhAkQUd13wCXw&met.6=6.1_CgsY4gwgOyoECAcSAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3400-wrexham-confirm-return-to-football-league-as-reynolds-and-mcelhenney-bask-in-mullin-brilliance.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 7ab31547e748e92d3c8227c1be66e733a2287ab2137a1f35d808fbe9d1487d7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 03:44:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "57bd4-5f9f8b5a0740d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 359380

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3402-guardiola-makes-scared-comment-about-man-utd-and-admits-he-has-lost-battle-with-grumpy-star.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: e8f927e471a3e0424531f0abb7c913577d6c99a3e8d8a2b381e5741def1fdc9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 03:44:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1f4c9-5f9f8b5a69270"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 128201

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3402-guardiola-makes-scared-comment-about-man-utd-and-admits-he-has-lost-battle-with-grumpy-star.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: e8f927e471a3e0424531f0abb7c913577d6c99a3e8d8a2b381e5741def1fdc9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 03:44:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1f4c9-5f9f8b5a69270"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 128201

GET
H/1.1 200
OK 3404-mahrez-hat-trick-keeps-treble-on-the-boil-for-relentless-manchester-city-against-valiant-blades.jpg
all-news.co/wp-content/uploads/2023/04/ 163 KB
163 KB 12ms
12ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3404-mahrez-hat-trick-keeps-treble-on-the-boil-for-relentless-manchester-city-against-valiant-blades.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 0d3bd360ef5255d230c905093b03e7e1ab36fd1959ea959d6928df4e15cff7b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 03:44:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "28ca7-5f9f8b5ac4f2b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 167079

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 732C 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?K1nj7w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 425D 16 B
232 B 67ms
66ms Fetch
application/json 52.56.54.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.54.153 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-54-153.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 23 Apr 2023 16:39:12 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 87ms
21ms Preflight 52.56.54.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.54.153 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-54-153.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 23 Apr 2023 16:39:12 GMT
server: nginx

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3408-help-me-retire-at-55-years-old-i-will-have-worked-for-30-years-what-are-the-pros-and-cons-of-retiring-at-that-age.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 62d433a746802bb703b1f2562d12e16cfe54b3500cd138fc0bc4749262155c45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 08:43:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "28bcb-5f9fce1f428c1"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 166859

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3406-kenji-bahar-throws-a-beautiful-25-yard-td-to-help-the-gamblers-tie-the-game-against-the-breakers.jpeg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: b3327ef16835aa5bc88f852504d8b7d728e7f1984e5a062e4896af5f19052a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 04:43:32 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "e6d-5f9f98849dcb9"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 3693

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/04/3404-mahrez-hat-trick-keeps-treble-on-the-boil-for-relentless-manchester-city-against-valiant-blades.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 0d3bd360ef5255d230c905093b03e7e1ab36fd1959ea959d6928df4e15cff7b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:12 GMT
Last-Modified: Sun, 23 Apr 2023 03:44:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "28ca7-5f9f8b5ac4f2b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 167079

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 112ms
112ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230418&jk=1673488326325570&bg=!NTalNmLNAAYfNdXmPzU7ADkAdvg8Wk_nNyfTdzJ3hQZfbQYgNM2FPWCDo6OhKSF2Hrq4W3Q18z5R3VlE2tcq4W-j8cWsRGaPdCgCAAABDFIAAAADaAEHmQLgztye2MPBm5hY0wT_BvTpSyxY-Ke15nzmKnVlj8LWCbV8yQMG7ENnDZ2iyiBLEGl3A6uu458VpKrEHJ4r_4AKXYO1-oScPDhmyyuiH2hTzxawX2jTSoqgKmh7ofnopknWGruReiyPICf0Bwoq4A5TpoZMs8a6e9EWq7bzy5RMZXUMlEJMN6XdeKoUHo9H7IzXh6NK2oQXTjAGBwsZeOHXYBdxHfeKj5jjYgL7hDJIWWP0MMooFpV6nsWE7gcgro5AP3swqpjmD1xKs-jxTUpmVnrkE8NI8kgOqWkbaLSg_mZ894Vw5ExAdlZrpkWFr52pwDvtFqzFD-S9UNitO6cWjFMJWkp_n-oMwyklviJIarhCBJQQ6cry5-Kcfo6ON_TcUWiEqNZxD--NoV4yGEzluzKRa8R-RDAbLNnijkXdoyfjkG_06oMKsV55vBMX4HeTMBS-WZVumQzMcQPl47ugUbDEvQBdamTWxA68Hq9wuYWynhaiVnHUy0F1JtPkz6ahcqJYBNDFcMuTpkgA_rpQa1zZnxvrYvSpGvAfvQeaQZQpY5SUGPCXIqcGcqwtFKDwiZOk_1ul9LFtBDgDHAvlzM0xiER-UlspKnPu2isUfMseWb-FKws22LuHMgMZRtcRdGyT-S6ZK0kRjJ4KJmZcjz-T84rORdonf7Z1x-KbmsONjR9Vzg-BbhN81y-ZZnggSNFG-4bK3sLssrO0eNAZKTuaZ9U-0FOYh2sVeyRsqBGmj9Re9o_fbO39wSl9uBKA4RhXkifSdFk__YG066BLQ2N4PDUBpqlqPeTeWh_n1iWtFE0IsBLzWSsdcFu1fTZGOmnTttBNJBhhVgBcXTxzO37i94YCskYzvbYBwsYe4DeuDbKFg_npJpZzYdQzCFJHrN9KjpDFo4Ere1ZMgsp3YDId4Z3-m9c3aemb9slwCnP1ShVoWLv9510mxq3rYq6NkkPhcKdsQ9ud9EYZHAzZyw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 278ms
278ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lgtmwhma&c=1673488326325570&e=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&ctx=1&met.3=1000.133_1__1~782.133_2~1001.132_3__1~164.135~165.130_5~166.12s_n~1032.17u~326.17w_1~832.17y~868.17y~216.17u_5~215.17u_5~843.17u_6~889.18b~639.18f~112.18m_1~629.193~247.1go~248.1go~1032.1gp~326.1gq~832.1gq~868.1gq~164.1gp_2~165.1g5_l~889.1gt~639.1i7~166.1i9_2~166.1lk_3~429.1vd_1~993.1vj_2__3~992.1vl__3~994.1vl__3~991.1vi_4__3~990.1vi_4__3~353.1ve_7~453.1vq_2~754.1vs__8~995.1vs_1__8~998.1vq_3__8~453.1vt_1~754.1vu_4__b~995.1vu_6__b~247.1w2~248.1w3~1032.1w3~326.1w3~832.1w4~868.1w4~164.1w3_1~165.1w2_2~996.1w2_2__b~997.1w0_4__b~453.1w4_1~754.1w5_3__b~995.1w5_4__b~247.1wa~248.1wa~1032.1wb~326.1wb~832.1wb~868.1wb~164.1wb_1~165.1wa_2~996.1wa_2__b~997.1wa_2__b~453.1wc_1~754.1wd_3__b~995.1wd_4__b~247.1wh~248.1wh~1032.1wi~326.1wi~832.1wi~868.1wi~164.1wi_1~165.1wh_2~996.1wh_2__b~997.1wh_2__b~453.1wj_1~754.1wk_3__b~995.1wk_4__b~247.1wo~248.1wo~1032.1wp~164.1wp_1~165.1wo_1~996.1wo_1__b~997.1wo_1__b~453.1wp_1~754.1wr_3__b~995.1wr_5__b~247.1ww~248.1ww~1032.1ww~164.1ww_1~165.1ww_1~996.1ww_1__b~997.1wv_1__b~453.1wx_1~754.1wy_2__b~995.1wy_3__b~998.1vt_19__b~639.1x2~639.1x2~889.1x4~889.1xu~889.1xx~639.1y0~639.1y0~639.1y0~453.1y0_1~754.1y1_1__y~995.1y1_2__y~998.1y0_4__y~453.1y4_1~453.1y5_1~453.1y6_1~453.1y8_1~454.1y9_1~454.1ya_1~454.1yb_1~453.1yd_1~753.1yh~210.1ys~1032.1yu~326.1yu~832.1yu~868.1yu~164.1yu_1~165.1yt_2~466.1yt_2~522.1yt_2~1013.1z1~525.1yw_12~639.1zy~264.1zz~264.20y~264.21c~264.21q~264.227~264.22r~264.238~168.23j~168.23j~168.23j~168.23j~168.23j~168.23j~168.23j~168.23j~168.23j~168.23j~168.23j~168.23j~168.23j~168.23j~168.23j~168.23j~264.24c~264.24l~264.24n~273.24y~264.250~264.26m~264.26o~264.26x~264.27a~264.27q~264.287~264.291~264.29e~168.29i~168.29i_3~168.29i_3~168.29l~168.29l~168.29l~168.29l~168.29l~168.29l~168.29l~168.29l~168.29l~168.29l~168.29l~168.29l~168.29m~264.29q~168.29x~168.29x~168.29x~168.29x~168.29x~168.29y~168.29y~168.29y~168.29y~168.29y~168.29y~168.29y~168.29y~168.29y~168.29y~168.29y~264.2a2~264.2ap~264.2bj~264.2bv~264.2cc~264.2cp~264.2em~168.2f0~168.2f0~168.2f0~168.2f0~168.2f0~168.2f0~168.2f0~168.2f0~168.2f0~168.2f0~168.2f0~168.2f0~168.2f0~168.2f0~168.2f0~168.2f0~264.2f3~264.2fq~168.2ft~168.2ft~168.2ft~168.2ft~168.2ft~168.2ft~168.2ft~168.2ft~168.2ft~168.2ft~168.2ft~168.2ft~168.2ft~168.2ft~168.2ft~168.2ft~264.2g3~264.2ga~264.2gq~264.2h0~264.2ih~264.2iu~264.2ix~264.2jb~264.2js~264.2k8~264.2kp~264.2l6~264.2lm~264.2m3~264.2mk~264.2n0~264.2nh~264.2ny~264.2oe~264.2ov~264.2pc~264.2pt~264.2q9~264.2qq~264.2r7~264.2rn~264.2s4~264.2sk~264.2t1~264.2ti~264.2ty~264.2uf~264.2uw~264.2vc~264.2vt~264.2wa~264.2wq~264.2x7~264.2xo~264.2y7~264.2ym~168.2yp~168.2yp~168.2yp~168.2yp~168.2yp~168.2yp~168.2yp~168.2yp~168.2yp~168.2yp~168.2yp~168.2yp~168.2yp~168.2yp~168.2yp~168.2yp~264.2z3~264.2zm~1032.304~326.305~832.305~868.305~164.304_1~165.303_2~889.307~639.30a~264.31n~113.31y_1~264.324~264.32c~264.34k~264.34w~264.356~264.35k~257.361~264.360~264.36t&met.1=1.lgtmwgdo~6.fv~7.fv~8.fw~9.fw~10.h6~11.g7~12.h6~13.vr~14.1hu~15.xs~16.1lo~17.1lo~18.1lu~19.303~20.303~21.31n~22.11q~23.11q
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 1211 21 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=1240227622&pi=t.ma~as.1203090826&w=300&lmt=1682267952&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267952159&bpp=1&bdt=2675&idt=2&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280%2C1200x280%2C1005x124&nras=5&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&psts=AHQMDFdAtfEGjFWkhhvLti82c0_wqH2argVzjdnWtXgqkd7RAfhxSfqyYbwqI_6nC02LtFpwMlwbrUVPgXC3K7UMp-DdZeCm3a3vvsVREoaqBoX_mN5ATQ%2CAHQMDFeklGvliAIAiq0SHwCdGWy7f-V98axxYmH5FfAzTJDZYzEB1cTnoPlo8ze7jXq7trbRWE6t_oQaO94dUoksmzII7dES%2CAHQMDFdQdKH-533GTRofnvam-KQwe0_dKlzxfwr-zKjhWr1rj4Xkor8Rh0t31yRT-E8ZU2cKGQCbv43JumRglW5c5YNzNFBf%2CAHQMDFd5M8uq5Lsl18DVdl8p6OZUHaQMbB5kclQ80Qtp3kiRYEcZ2JFq-OhYPc6FJ-HhT_bGk-df_UVp3n4dtN8PfbSE4agg&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=xP7c3NNoHI&p=https%3A//all-news.co&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10992
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1211 8 KB
739 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66c84fd2e855f7f8795d82db9f5aacc7b3752200f492850aac5cda6eddad7fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Apr 2023 16:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Apr 2023 15:31:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Apr 2023 16:39:13 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/ Frame 1211 14 KB
3 KB 56ms
7ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c317a678c440afae34736fd8d13a0a28f7f21fdfb351a94f33c7f2abb2560ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 20:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2819
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 20:21:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 20:46:42 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/ Frame 1211 379 KB
130 KB 57ms
8ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

231de18b8d42e355897c3c550df71a0e4c19593ba51070a130ee9f307a70c441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132560
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 20:21:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 05:45:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 1211 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 06:15:49 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 1211 0
17 B 277ms
276ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lgtmwkhs&c=8152807262950&slotId=4076403631475&qqid=CIi_1b24wP4CFdjisgodBrYC2g&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1211 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 84898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:04:15 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1211 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 225230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1211 0
20 B 113ms
113ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C-3qwMF9FZIjnDNjFywWG7IrQDcze_OFu48j41JsR6rqB_pQcEAEgzNPsggFguwagAYaroasCyAEFqAMByAObBKoE5wFP0I0-q4MDkRFEm3l5olo-XBYu8Tp_rLRj9vX1FqFD_5tdGmrENl9Kn-pn4UKi1VuiTVflVCuLot5qlP0eNV90WItUPkADwDFi2FrrhX9HmGQjHGK8TVkdmsUaTk-YJD_StXg5RIwfv0ZIpggHhhpZvjIWIl19ASwjay2iDOy6rsPyFEV5iE8oWjKhfHckB_ehjjQfK--h9cu6bVCSm6LrP57eZWU57ZG8cPh0fEqHWFwqJpnQTdpqE2SfF0KhYtKUt-FZrqlCdB7TQW00qyaYIOFPdJrMYv-gh_JrvBSV9RIgjE_jK2jABNzz3K62A-AEA5AGAaAGdoAH4tTe1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE8zc5hLYEw2IFAvYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1682267953611&ai=C-3qwMF9FZIjnDNjFywWG7IrQDcze_OFu48j41JsR6rqB_pQcEAEgzNPsggFguwagAYaroasCyAEFqAMByAObBKoE5wFP0I0-q4MDkRFEm3l5olo-XBYu8Tp_rLRj9vX1FqFD_5tdGmrENl9Kn-pn4UKi1VuiTVflVCuLot5qlP0eNV90WItUPkADwDFi2FrrhX9HmGQjHGK8TVkdmsUaTk-YJD_StXg5RIwfv0ZIpggHhhpZvjIWIl19ASwjay2iDOy6rsPyFEV5iE8oWjKhfHckB_ehjjQfK--h9cu6bVCSm6LrP57eZWU57ZG8cPh0fEqHWFwqJpnQTdpqE2SfF0KhYtKUt-FZrqlCdB7TQW00qyaYIOFPdJrMYv-gh_JrvBSV9RIgjE_jK2jABNzz3K62A-AEA5AGAaAGdoAH4tTe1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE8zc5hLYEw2IFAvYFAHQFQH4FgGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 1211 0
17 B 273ms
273ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lgtmwki4&c=8152807262950&slotId=4076403631475&qqid=CIi_1b24wP4CFdjisgodBrYC2g&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 1211 29 KB
16 KB 127ms
59ms XHR
text/xml 173.194.76.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CgUC68iJtShdvLwjZbcMEwPqjdw9yUfF-9qu4Wgvi_fMsYK2dj8dZd6lFsaXQE0ViSUlkD2TOzikKV1gpQWYnOwB9KzA&cry=1&dbm_d=AKAmf-DR2StzgEJEEKlemEsQ07pdZeGZZBTX9XkzMRBKvI8X79_025Yv6ERMHqGor7xb2633WbgO67E9VY9i1bH7xafgOx5N7tRT5DxUteAbnDO-UDIqGHezWtvtsyEA34etpEyI1u0arZENP-OevdT7pC_90K7axIV0ttNYOHKb_xsg6n8urMA3J5wpZ1zYoMjOYd0hNXa2BXeKguvzEHWu01m6QE3sr6XFar027zvWbizPva57dVHWVgHxOBLSmV4CM19m5NhuOQ4j-D0hpHId64Gw7ZKRiwVXGlUMonXTfOiD4TQp7cALN2-jLfP-4p6q4_G8RTpKYRwO8yAHBPA4PZK9PDIPoTgQEyVOLdmlKnCdsBxl-NPo5-bGeBTj-FNuoegU3tvgsPxLyRqxhceNNVbofB6Al8S_rlAqC1QYEQ9TW6_qmDl9y80W185-N-xZg8AFCCs6FXVB9Yd9v9fH9YCsUvuoyc1kKHzUnFz_n-ZYjPCuK9QJiQJLZ70Ks6nue94jdz6Br_U6Mc3HnVmdPdoovbLZb5yRYvAN7qfG_BJNAYW8YZyuEFIm8OG6P2zdFjGhUX-l4a2CYxUuzKXFfSyQ8nVKtPn50rxE63wYfsG57qHJlu0cIqSxq0Wkh-K4rfnGZwO82tnrzQeXddt0eGW9EdhtU81Iui9nH9uTHwm_uUDXQkok_bDyEO0XZL-7t32p06MOFBlYux4fPyfMOlNXorhF2Qe0n9cdtyuDN64OzJBcPvyPgzdgbl_S3wCbuv6K3hf5sbmAP2O7Ti6yfogg7Nf8CXbCsw8U88hdkZN7vFokzBTCZsvU1AnEjTWHorml93gozlkvnKoM4jVvnPTmtpG5uVNDCd6L9bLUlstugmqD4fd0mqpOOhvnxiMgQCsVomYnzwijvDhv97ASsZqWW4_TRNVqDXeEY6oY9H-8m2TqjmLyr9L4mSgtVPuuF5VrIlfiqgZ5tjHDJH6C1s2yFH4jpJXxDUbzblS6nzGjLKKg-ZwyhlpwiCTKIvZjM7FAkAVvJrH3dgDCu-sTMdKTUbIe-ByibXMNW4u7olgWQHlHfzoL2ribOsOZ8vgtbYraL0U1fw1SNfrW7_n2L4QamBhxCAJC-UCPiEWhUq9vH8BzOjDQ2A4EGCt9jKYhubNPAEFfo9ALrTtMEz9SkFt7g9_BjuvDfBAVBRkFmO5cxJGaCnEmGm9NO8PmFIqHk6SSnG-_fA1NuJjnn7ELQh7QNbuWscSIKNnTWILIzV7nfbTWx1-Neql56S46cFx-GJmAXlYj_o8wJjeG8ajR0_l6gpaD8R0DKh6TAfVJz-14GHMp1Dru6FPp-WbhTHHh3h2WnrqClOo4lNflZyJUAER2fZx3wrZrqcY-oOs1Pp1dREjIUkRge27lsIFzcGO4sWar44nBqHWToRwVhsrpYCiW3IkTNy9pgXehQw5ZFYQ3UwdlJwIOIikOEk25XlP5VulXZhwPCcUbgnqG_pZEwxl1YSUsMHaNLC8IGBtijKceYQbqUiLx7AlMiLN0d7U4A9lYb1HJDh_6cNZRC1DI_W5ZSeKDYXEaO703pqb6A6Q-KycLKCIMeQwMY8xVfZSQO-AyJ2DMqufoKbeJRmY20zvXybuc2Fnb-qM6PKL-dVoeetZLscgbRi83UxipaiHQHBU60IvRcQDNSIVUu8Oj08Tyi2DlVtyEUUEMcFb9yZSaRm0Mq61duvw1irnKYcVuyevyMYv2tyM2t0uChQis0pEmcPVnzRsQ-NN19jNxUyoz8unn45SdVjplDxHSuar9Zuh4IH1xCiq2k7EKkLe3M8C3wQxU2Mn4BjOTZ9VrrLryEn8Gt-WosD-E9JQe-Bxq2I5PSiqXSYDmXJMYRbilKcyO_6JyaJp3yLxI4GlMDZTDnRaT9Ruu4b-nSFKTwpfuSdwjwl34SITZQkmQx-lhRFu3ySf7YVH4c-D5wJJG0mk-5rmTVaCWQU85ElPX6pF-rCkB-sKAnoIuwDTRJxnI42vsXG8-lBYZlnaPSCZwQE9p2HAbpC5KbSu70n5-JOWwAxboyedk4h8jotonQ8zlm6J76i8EQPsd7zhyMPF5exAZjF5bwqmGensKO13J8bDL-Ie3y0g9Sex5XkC12nWjiHSL4LccYHQwsXd40jFkRR6BJNY7ZJb8Mp23j5B781B9QvEDeR7Ho4GuPvgXIgPalBWEHw6ZPFCuod6PiNA868Mu0k5xp7VOqrOkhBfKc4uAUl7hShmoySY4vy8SFTXo2lVVAFV1m5yK7cQzf2Coh00HtAKnB-H81F6NlcYT1LdmWl_a5utf2HHVu1YuycRwdkW8Vevfv4IpzA8K6fPKSPjPAdW0Ws_SsrtPxCCzq4Vy19ljPZVM4J6wAQuwIlkwVuArOVBMXuJvHgQPtTGuSXC0WU_uz0XhLwhUOxyIwmCywljs1YtCvT0CYbE_MvstCsHDya1u_WRekY_L5obSIAvDnz8_qbTyXFDWlEMGcyfV7RrpGadKNm7nTgPqCbPVcqZTQInCA8d8btDmzz37adB61GVxgyqbW0uZI_771gDkBuUhliE6vGPWidjqMTWbtl1aX_lC0j7ZRo2EVi3YMvjvsGNmGXLimsHCGBAmgmtvope7ruC6HThOG79VzIPIvMeXB7UqQZR7ior8pZX9jdt0G5fmATNe7SQ8ZV7EVqyXLA7c2zXWds_kpDx_c5PnIeHa2W26VeEJN9z94KAcdfWAS0xKX7i9ywIq8U7S4I7Bs0oLEwquLondbTj4o_sOyb3Krod0bnIMEbzGf3gPJRw33WBEKrx38F-EoLtziWcSADDW9xAyNJIKKqZKVOz221scE_3JsNzQMqVZ_qmRnN5dT00zd-JOD8uzOwwsOBI1Rqr-oyHcXA1W_WaZ7ovVOuKBTK7OBFO1VKy6rx15Yo182-Gf690ole1jqwBeV4EeTQzC7t6Fg0hvCxQA4GsUzSQEPtOf84ZmYuQr7YG2NEF5dX1_bdeH3aPaGFHqcupuKrbNyaJqm2rc05UZmuMc94lMUw_JyjwpN3jRp4tqf7J2sHxUay2oszo2RrTum9HCiVaNQ_RjmuPSdxcaQ5DZOorig8lyvmw9VLtBKQ3UAPRw-2jay9u4ceOkJbcElWi3cUKQyyVAvuZ6gRIZ7_5L7_fW1j_eiAx8Ga6VDORN_6CzMsiiqZDXXfZ2L0-QBexbaWffSE8qFDBAs5aH2pU4B59zUPEJU65fAyvbkDeIOOlgZlcIGcBFEHPtHerpOZOMOcmXkQH8ncBbWL2zYjDFsAr2DZ5rlvxoIoNXeYq1TJ_qEyv8NTn1nBwA4WEF3tRAmy9tSdbledqMKPIN2DuaUrsyLFB0bY6MIjNGvKWvtVJGtFIlPFQqpdIgzQGAR0JXnn6LXrKoN_0BWVBo7e8yCniBqBKGjgRocCcsdlqf49weHCn85gs9fBhq3tYPSO9jnrq6WYtEc0sr_SgYEGxVSYTxvpAG6Int6qZ07Gh7ObmDYXUNvR5bJyP5zJXCHYv5rWOrUrLfTr7jcDG1Rk4r3gnH8SOUNN9Z-WntUy-Higv0th8VIs8-bjO_D8HEB221JbQe-P_9e9RxehpBXfZ_AMkX22NihDCln6wgYM2p2UJdgXCnBZzODQShKht4MQ5Gv9jQjRUR&cid=CAQSPABygQiD4NefsYpF_8T-z-9oNIjdMCTSQCwgcdi6sW8_4sBJ3F-2-VqqqrClJF_FxeJqjzVt7-eZ6v2vYBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f156.1e100.net

Software

cafe /

Resource Hash

0feb694780e2a81382412dcbe4a36444ac643f686176a815474ffd6ec67fd052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16385
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1211 0
0 46ms
46ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C69ZhMF9FZIjnDNjFywWG7IrQDcze_OFu48j41JsR6rqB_pQcEAEgzNPsggFguwagAYaroasCyAEFqAMBqgTkAU_QjT6rgwOREUSbeXmiWj5cFi7xOn-stGP29fUWoUP_m10aasQ2X0qf6mfhQqLVW6JNV-VUK4ui3mqU_R41X3RYi1Q-QAPAMWLYWuuFf0eYZCMcYrxNWR2axRpOT5gkP9K1eDlEjB-_RkimCAeGGlm-MhYiXX0BLCNrLaIM7Lquw_IURXmITyhaMqF8dyQH96GONB8r76H1y7ptUJKbous_nt5lZWHsC0njajPuux64LJbG1GiclefCYT2OLQPTMJyf6HC2LcH1cXH6hh6FPlaLKAD5aU1I07h0X5PMqIBpVnCHXsAE3PPcrrYD4AQDiAWJ566ZLZIFCggiEAIYAUjVjGGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB-LU3tQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQmY4VGLHY4twB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE8zc5hLIE_D6qwnYEw2IFAvYFAHQFQGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=arFglBB-UcI&uach_m=[UACH]&cid=CAQSPABygQiD4NefsYpF_8T-z-9oNIjdMCTSQCwgcdi6sW8_4sBJ3F-2-VqqqrClJF_FxeJqjzVt7-eZ6v2vYBgB&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=1240227622&pi=t.ma~as.1203090826&w=300&lmt=1682267952&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267952159&bpp=1&bdt=2675&idt=2&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280%2C1200x280%2C1005x124&nras=5&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&psts=AHQMDFdAtfEGjFWkhhvLti82c0_wqH2argVzjdnWtXgqkd7RAfhxSfqyYbwqI_6nC02LtFpwMlwbrUVPgXC3K7UMp-DdZeCm3a3vvsVREoaqBoX_mN5ATQ%2CAHQMDFeklGvliAIAiq0SHwCdGWy7f-V98axxYmH5FfAzTJDZYzEB1cTnoPlo8ze7jXq7trbRWE6t_oQaO94dUoksmzII7dES%2CAHQMDFdQdKH-533GTRofnvam-KQwe0_dKlzxfwr-zKjhWr1rj4Xkor8Rh0t31yRT-E8ZU2cKGQCbv43JumRglW5c5YNzNFBf%2CAHQMDFd5M8uq5Lsl18DVdl8p6OZUHaQMbB5kclQ80Qtp3kiRYEcZ2JFq-OhYPc6FJ-HhT_bGk-df_UVp3n4dtN8PfbSE4agg&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=xP7c3NNoHI&p=https%3A//all-news.co&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 23 Apr 2023 16:39:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EE56 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77928
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Sun, 23 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1211 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0de6851ec41ff14e2bafaad89f61fddffd5a0e80a1aae7688fbc535161356ab1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EE56
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH1nUyxf5TcCFqn7Z46BYjg&google_cver=1&google_push=Aer7DvLvZ9jTmstHBDBbjFqcXh7nyiN1xdrCzK9JxvvMeesU5VpLNH00SMpw4Z7eo13xeV5CmEKiC65XjIS-TlfEfs7DcuJJ6eRDJF0
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ5OTIyOTE2NjM3MTYzMjQzMA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH1nUyxf5TcCFqn7Z46BYjg&google_cver=1

43 B
398 B

13ms
13ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH1nUyxf5TcCFqn7Z46BYjg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=1240227622&pi=t.ma~as.1203090826&w=300&lmt=1682267952&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267952159&bpp=1&bdt=2675&idt=2&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280%2C1200x280%2C1005x124&nras=5&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&psts=AHQMDFdAtfEGjFWkhhvLti82c0_wqH2argVzjdnWtXgqkd7RAfhxSfqyYbwqI_6nC02LtFpwMlwbrUVPgXC3K7UMp-DdZeCm3a3vvsVREoaqBoX_mN5ATQ%2CAHQMDFeklGvliAIAiq0SHwCdGWy7f-V98axxYmH5FfAzTJDZYzEB1cTnoPlo8ze7jXq7trbRWE6t_oQaO94dUoksmzII7dES%2CAHQMDFdQdKH-533GTRofnvam-KQwe0_dKlzxfwr-zKjhWr1rj4Xkor8Rh0t31yRT-E8ZU2cKGQCbv43JumRglW5c5YNzNFBf%2CAHQMDFd5M8uq5Lsl18DVdl8p6OZUHaQMbB5kclQ80Qtp3kiRYEcZ2JFq-OhYPc6FJ-HhT_bGk-df_UVp3n4dtN8PfbSE4agg&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=xP7c3NNoHI&p=https%3A//all-news.co&dtd=6
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH1nUyxf5TcCFqn7Z46BYjg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame EE56 0
187 B 57ms
17ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGcC3q00Iz4EPE7hyYmNWxg&google_cver=1&google_push=Aer7DvJmVDqZwxjoHS-eA2NGvotiqO9p02uW16czxfDXlI3MPbHRLNTzGrFslZKJZizJTl--8u9QRa9BmUSqE5E-m7J-OJZSq01eLm8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=1240227622&pi=t.ma~as.1203090826&w=300&lmt=1682267952&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267952159&bpp=1&bdt=2675&idt=2&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280%2C1200x280%2C1005x124&nras=5&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&psts=AHQMDFdAtfEGjFWkhhvLti82c0_wqH2argVzjdnWtXgqkd7RAfhxSfqyYbwqI_6nC02LtFpwMlwbrUVPgXC3K7UMp-DdZeCm3a3vvsVREoaqBoX_mN5ATQ%2CAHQMDFeklGvliAIAiq0SHwCdGWy7f-V98axxYmH5FfAzTJDZYzEB1cTnoPlo8ze7jXq7trbRWE6t_oQaO94dUoksmzII7dES%2CAHQMDFdQdKH-533GTRofnvam-KQwe0_dKlzxfwr-zKjhWr1rj4Xkor8Rh0t31yRT-E8ZU2cKGQCbv43JumRglW5c5YNzNFBf%2CAHQMDFd5M8uq5Lsl18DVdl8p6OZUHaQMbB5kclQ80Qtp3kiRYEcZ2JFq-OhYPc6FJ-HhT_bGk-df_UVp3n4dtN8PfbSE4agg&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=xP7c3NNoHI&p=https%3A//all-news.co&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE56
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECNb6r2VN9EZteFbaMlLGMQ&google_cver=1&google_push=Aer7DvL_K50xFV9dPOnZezwjP-yogi-NghyB0BYmlhikfGfIlp7mnLin09TKmV9HLI6gXxHThyDdKz-EkW0Zo2gFOEZN...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECNb6r2VN9EZteFbaMlLGMQ&google_cver=1&google_push=Aer7DvL_K50xFV9dPOnZezwjP-yogi-NghyB0BYmlhikfGfIlp7mnLin09TKmV9HLI6gXxHThyDdKz-EkW0Zo2...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=4712cdbf-04e6-4dbc-9def-b1b9a85e17d9&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvL_K50xFV9dPOnZezwjP-yogi-NghyB0BYmlhikfGfIlp7mnLin09TKmV9HLI6gXxHThyDdKz-EkW0Zo2gFOEZNHkxRcSP4Jg&google_hm=NjaNh6z6R5CzWSFv7NVyyw==

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvL_K50xFV9dPOnZezwjP-yogi-NghyB0BYmlhikfGfIlp7mnLin09TKmV9HLI6gXxHThyDdKz-EkW0Zo2gFOEZNHkxRcSP4Jg&google_hm=NjaNh6z6R5CzWSFv7NVyyw==

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvL_K50xFV9dPOnZezwjP-yogi-NghyB0BYmlhikfGfIlp7mnLin09TKmV9HLI6gXxHThyDdKz-EkW0Zo2gFOEZNHkxRcSP4Jg&google_hm=NjaNh6z6R5CzWSFv7NVyyw==
date: Sun, 23 Apr 2023 16:39:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE56
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP6AHtHRTF2rlqUm6sSuniw&google_cver=1&google_push=Aer7DvJCqGA9eqpGzSnkZNhF9Du3Z2Lacyuvl6LwRdICAzF4EdLF3_JepnAIvE-NKj-w7HDqOHJgbXm6uV1kFbY0n_Nrbwh...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJCqGA9eqpGzSnkZNhF9Du3Z2Lacyuvl6LwRdICAzF4EdLF3_JepnAIvE-NKj-w7HDqOHJgbXm6uV1kFbY0n_NrbwhSwQfYc3s&google_hm=eS0zOHZzZjBSRTJwR0x...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJCqGA9eqpGzSnkZNhF9Du3Z2Lacyuvl6LwRdICAzF4EdLF3_JepnAIvE-NKj-w7HDqOHJgbXm6uV1kFbY0n_NrbwhSwQfYc3s&google_hm=eS0zOHZzZjBSRTJwR0xyci5HV1JIcmw0NXFPbHI4WFVUeX5B

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 23 Apr 2023 16:39:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJCqGA9eqpGzSnkZNhF9Du3Z2Lacyuvl6LwRdICAzF4EdLF3_JepnAIvE-NKj-w7HDqOHJgbXm6uV1kFbY0n_NrbwhSwQfYc3s&google_hm=eS0zOHZzZjBSRTJwR0xyci5HV1JIcmw0NXFPbHI4WFVUeX5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame EE56 43 B
351 B 37ms
16ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJ6eWI23RehSJknpBGtDPUs&google_cver=1&google_push=Aer7DvIlqpaenJhrOVcBL4DqXgpNI_2JBIRWjF87C1ckYLLzs8U1FiZY5ZH1Q-Uw0HeOCl3MWB8f7_qb-wH4RFMmb6hmKIJUh_saNw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=1240227622&pi=t.ma~as.1203090826&w=300&lmt=1682267952&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267952159&bpp=1&bdt=2675&idt=2&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280%2C1200x280%2C1005x124&nras=5&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&psts=AHQMDFdAtfEGjFWkhhvLti82c0_wqH2argVzjdnWtXgqkd7RAfhxSfqyYbwqI_6nC02LtFpwMlwbrUVPgXC3K7UMp-DdZeCm3a3vvsVREoaqBoX_mN5ATQ%2CAHQMDFeklGvliAIAiq0SHwCdGWy7f-V98axxYmH5FfAzTJDZYzEB1cTnoPlo8ze7jXq7trbRWE6t_oQaO94dUoksmzII7dES%2CAHQMDFdQdKH-533GTRofnvam-KQwe0_dKlzxfwr-zKjhWr1rj4Xkor8Rh0t31yRT-E8ZU2cKGQCbv43JumRglW5c5YNzNFBf%2CAHQMDFd5M8uq5Lsl18DVdl8p6OZUHaQMbB5kclQ80Qtp3kiRYEcZ2JFq-OhYPc6FJ-HhT_bGk-df_UVp3n4dtN8PfbSE4agg&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=xP7c3NNoHI&p=https%3A//all-news.co&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 690n60vor0797brq0d5cj588hgcrbkrd

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE56
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEECuSOHxrbMzO0qkdIVd50&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEECuSOHxrbMzO0qkdIVd50&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEECuSOHxrbMzO0qkdIVd50&google_hm=ZEVfMTq17y52cGYP0uAP9gAACJQAAAIB&google_nid=index&google_push=Aer7DvKGCkuEyOJAFYrvUuPO-_tgCRbCzITUa...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEECuSOHxrbMzO0qkdIVd50&google_hm=ZEVfMTq17y52cGYP0uAP9gAACJQAAAIB&google_nid=index&google_push=Aer7DvKGCkuEyOJAFYrvUuPO-_tgCRbCzITUaRahb7atGWB0L7cx4cHGapyUHj3cRARYtiuewjBoqfB6XyneX1Wd0Hx6Cl2TQ2MkZQ

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 23 Apr 2023 16:39:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEECuSOHxrbMzO0qkdIVd50&google_hm=ZEVfMTq17y52cGYP0uAP9gAACJQAAAIB&google_nid=index&google_push=Aer7DvKGCkuEyOJAFYrvUuPO-_tgCRbCzITUaRahb7atGWB0L7cx4cHGapyUHj3cRARYtiuewjBoqfB6XyneX1Wd0Hx6Cl2TQ2MkZQ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

report
sync.teads.tv/um/ Frame EE56
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB61Srk4TYWj5w53qCwRnng&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvJK3zqpxtijJmN8Et0iiKbzR9hYxHNPRl-e8G0jxHooyVA6a1jmiIx8jwZSjDKXlqu7PMJMgap66K_QmAwWNFpf8gGCiBEr1Ccq
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

50ms
50ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=1240227622&pi=t.ma~as.1203090826&w=300&lmt=1682267952&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682267952159&bpp=1&bdt=2675&idt=2&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daea0b9fdb7983203-22a9c713abdd0011%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w&gpic=UID%3D00000bee55f31860%3AT%3D1682267949%3ART%3D1682267949%3AS%3DALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g&prev_fmts=0x0%2C1068x280%2C324x250%2C1068x280%2C1200x280%2C1005x124&nras=5&correlator=1601235763377&rume=1&frm=20&pv=1&ga_vid=1471195294.1682267950&ga_sid=1682267950&ga_hid=1406576427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074065%2C31061691%2C31061692&oid=2&psts=AHQMDFdAtfEGjFWkhhvLti82c0_wqH2argVzjdnWtXgqkd7RAfhxSfqyYbwqI_6nC02LtFpwMlwbrUVPgXC3K7UMp-DdZeCm3a3vvsVREoaqBoX_mN5ATQ%2CAHQMDFeklGvliAIAiq0SHwCdGWy7f-V98axxYmH5FfAzTJDZYzEB1cTnoPlo8ze7jXq7trbRWE6t_oQaO94dUoksmzII7dES%2CAHQMDFdQdKH-533GTRofnvam-KQwe0_dKlzxfwr-zKjhWr1rj4Xkor8Rh0t31yRT-E8ZU2cKGQCbv43JumRglW5c5YNzNFBf%2CAHQMDFd5M8uq5Lsl18DVdl8p6OZUHaQMbB5kclQ80Qtp3kiRYEcZ2JFq-OhYPc6FJ-HhT_bGk-df_UVp3n4dtN8PfbSE4agg&pvsid=1673488326325570&tmod=1515440177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=xP7c3NNoHI&p=https%3A//all-news.co&dtd=6
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Sun, 23 Apr 2023 16:39:13 GMT
pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EE56 0
12 B 15ms
15ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IEbucE7fcq5Soyk8v7iJ0duL9ue_Dlv-f8fYp9YHX9yfFcCgJeQ8nxy8df1JUwPsvcVJFYRw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:39:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 1211 62 KB
23 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81fac6325b1f2079b58fe2257f06a8556902b77a50046b01c811aaf30655fac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 16:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1886
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23600
x-xss-protection: 0
server: cafe
etag: 5417508281733954414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 17:07:47 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 1211 0
17 B 275ms
275ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lgtmwklw&chm=1&ctx=2&gqid=MF9FZJ6_C4KeywWSgJnICg&qqid=CIi_1b24wP4CFdjisgodBrYC2g&met.4=fb.11j~lb.14o~cmrload.153~ol.17n~bdt.-22i~bpp.-6~idt.-5~dtd.-1~dt.-7&met.1=1.lgtmwjdy~6.0~7.0~8.0~9.0~10.0~12.1~13.11b~14.11e~15.11c~16.14q~17.14q~18.14q~19.17m~20.17m~21.17n~22.11q~23.11q&met.7=CAUQCBgBMMMKOKMMaAFwvwp4i8gBgAHfxQGIAZ3gBLABAbgBAw~CAkQChgBIMYKKMYKMM4KOAhoxgpwzQp4g0WAAddCiAHtqgGwAQG4AQM~CBIQBxgBIMYKKMYKMNgKOBJoxwpw1wp48weAAccFiAHwQ6oBGAoWUm9ib3RvOjcwMCw1MDAsNDAwLDMwMLABAbgBAw~CDoQBxgBIMYKKMYKMP8KODlAxwpI4wpQ4wpY9wpg6Qpo9wpw_gp4rxiAAYMWiAH0crABAbgBAw~CDoQChgBIMYKKMYKMI0LOEdo9wpw_wp4_I0IgAHQiwiIAcjXF7ABAbgBAw~CBwQChgBIMYKKMYKMM4KOAhoxwpwzQp41EGAAag_iAHrmQGwAQG4AQM~CBwQBhgBIK8LKK8LMKIMOHNorwtwoAx4rAKwAQG4AQM~CCEQBBgBILULKLULMOQLOC9otgtw5At4rAKwAQG4AQM~CBwQBRgBILYLKLYLML4LOAhotwtwvQt4lgeAAeoEiAGWCbABAbgBAw~CCgQChgBIKMMKKMMMKwMOAhopAxwqgx43LoBgAGwuAGIAd_uA7ABAbgBAw&met.3=113.17y_2~112.17y_2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 1211 0
17 B 275ms
275ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lgtmwkif&c=8152807262950&slotId=4076403631475&qqid=CIi_1b24wP4CFdjisgodBrYC2g&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 1211 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:50:58 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-5hne6nsr.c.2mdn.net/videoplayback/id/1ce25ce44efce31c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713803953/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1211
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/1ce25ce44efce31c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713803953/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-5hne6nsr.c.2mdn.net/videoplayback/id/1ce25ce44efce31c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713803953/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

82ms
13ms

Fetch
video/mp4

2a00:1450:400e:6::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5hne6nsr.c.2mdn.net/videoplayback/id/1ce25ce44efce31c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713803953/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6ADD2C972384C6579BAD94EB4C5E18CC924EA99C.0C69C342800E459309F173924997BA721CA00372/key/cms1/cms_redirect/yes/mh/55/mip/2001:ac8:20:3c00:1011:8bd9:4c8e:e9e1/mm/42/mn/sn-5hne6nsr/ms/onc/mt/1682267560/mv/m/mvi/4/pl/49/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400e:6::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 16:39:13 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1921239
Last-Modified: Mon, 19 Dec 2022 12:28:06 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 23 Apr 2023 16:39:13 GMT

Redirect headers

date: Sun, 23 Apr 2023 16:39:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-5hne6nsr.c.2mdn.net/videoplayback/id/1ce25ce44efce31c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713803953/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6ADD2C972384C6579BAD94EB4C5E18CC924EA99C.0C69C342800E459309F173924997BA721CA00372/key/cms1/cms_redirect/yes/mh/55/mip/2001:ac8:20:3c00:1011:8bd9:4c8e:e9e1/mm/42/mn/sn-5hne6nsr/ms/onc/mt/1682267560/mv/m/mvi/4/pl/49/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame D47B 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 123416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 06:22:17 GMT
expires: Sun, 21 Apr 2024 06:22:17 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame D47B 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 09:59:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 09:59:22 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D47B 0
20 B 113ms
113ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BxyluMV9FZKGeK422-wb66riYAQAAAAA4AeAEAg&bg=!y8ilyJzNAAYfNdXmPzU7ADkAdvg8WiSoE5k6092nv1FIhQ-E8QGY5Vg1CSxNlINdSV4vJ7Bmlt6hoxUAsA-MREZ5fuN_7TRBox8CAAAAQFIAAAACaAEHmQMSrrLsf-t-E5que8l4dVqVJpjziZf47ZdZhKGqaklq-bZWKUH5JciarTESZP1X6f1GD198MlShH3SYzQQYH4Ly5t0uCU6OMp2rJaYO6OMmnDIQh6CfBvVTvf3kPyAIoZBmrZnwj0H0XcaGggD8wo85Jr7oShjpDq-td5xqU-JQKpH8Y2p6y3meUBj1XCK54yWv2AtYgjIvvZkA_m4AN3k82gSNKkTL3G9NkGdVraVlzt4SkN2DJqIKjkGQpa1OqLkOJULXDo2-qxcM8EnVCh9h5mDp-CMZ4r-zbO4obLyvFdIdzSzXkw1qPvgrPSW-hy5QPuMO0Bx9OdVJEk05c1FNEjoJqBTIfHndTS6-f8LYkdspne2PBxbJnyghu0oeMKgUywpaJcXlmmaPhO2u8f_CCj4UB3QRe0L_wOaE4VqE1oW_ey5XdbkC05ETP_R0bPOBRpY7LVn1K4JEyb9Rp190gLWEZShnu3qcQt5tagtFf7vAFFkiG-yWew0LL7DIRU2cL8_ZYx9WcVm1m34erreKGJgEmo-SdPRvCDQI7Ry4i9pbIdtX2wCfOho3SBbxnVQFld66130xfW3K9JjTB92nGmBqjbQ656lYjEAP4-85xlIUiso7-Xrp7X7HYZjv71Ydsahel7qShZA4Jt1i7ZWe5mKDdbfxAnLoHt-kj2fy8ARvgSVHE46UDI2C-QqSYkkJhNVUOT8_vVkNqdEAZYNs3c0Bkghq0C7pZRpLGTvBUGvl4bs5GCymBXSzF57QHjhVFRAET3K3g8121VIRjQgMWNzqThGpdRNJwJ7BUwngectInSGaf7RmJOzdLRfVzSryilSu9yELnULz70s0aXV2qKZm5Jkcr5bIewf-2jM-JlxH6PG81Gb_cujqnOj9co-OuxpPKodRDDas-V_u1rcg-kN6oKUEW9hGI_Nbef0dSWf5Hdhpb-dUV-u1_yDf5wYqtz9Jis34Ntleq86Czb18M9cGwwCmvnk4JNxnUwfEc-sbR2mDkG8eSLLxbRoOgwwX441b1zSPmhHNXZeVjXV88L-H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r4---sn-5hne6nsr.c.2mdn.net/videoplayback/id/1ce25ce44efce31c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1713803953/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1211 2 MB
2 MB 29ms
14ms Media
video/mp4 2a00:1450:400e:6::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:6::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3f454cfab51cd176ca58816ee99636a36b507521f486e5d961084e24743dc50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range: bytes=0-

Response headers

expires: Sun, 23 Apr 2023 16:39:13 GMT
date: Sun, 23 Apr 2023 16:39:13 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1921238/1921239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1921239
last-modified: Mon, 19 Dec 2022 12:28:06 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H3 204 csi
csi.gstatic.com/ Frame 1211 0
17 B 278ms
277ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lgtmwkm7&c=8152807262950&slotId=4076403631475&qqid=CIi_1b24wP4CFdjisgodBrYC2g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=826&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 16:39:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.all-news.co/	1970-01-20 20:39:23	Name: __gads Value: ID=aea0b9fdb7983203-22a9c713abdd0011:T=1682267949:RT=1682267949:S=ALNI_MaAvGhbvaFPYHh_t4jHKBVLqrKn9w
.all-news.co/	1970-01-20 20:39:23	Name: __gpi Value: UID=00000bee55f31860:T=1682267949:RT=1682267949:S=ALNI_Mb9ymfAN1WN7dOlvDeaPl9CBDIX-g
.doubleclick.net/	1970-01-20 11:17:51	Name: DSID Value: NO_DATA
.simpli.fi/	1970-01-20 20:04:50	Name: suid Value: C7E4258CA81246948C1B678B3E9A4764
.adform.net/	1970-01-20 12:00:59	Name: C Value: 1
.adform.net/	1970-01-20 12:44:11	Name: uid Value: 4487793248788685715
.agkn.com/	1970-01-20 20:03:23	Name: ab Value: 0001%3A9afvYViivIkm%2F%2FqCEY%2FQ5hl4bzoni6q%2F
.agkn.com/	1970-01-20 20:03:23	Name: u Value: C\|0CEAr2BuvK9gbrwAAAAAAAQ13AQCAAQpAAAAAAA
.mathtag.com/	1970-01-20 20:43:43	Name: uuid Value: 57f46445-5f30-4a00-b8be-5938ddecff59
.mathtag.com/	1970-01-20 12:00:59	Name: mt_mop Value: 4:1682267952
.pubmatic.com/	1970-01-20 11:19:14	Name: KTPCACOOKIE Value: YES
.yahoo.com/	1970-01-20 20:03:45	Name: A3 Value: d=AQABBC9fRWQCEL33bQaAaWCNa7HeTH_c0LkFEgEBAQGwRmRPZAAAAAAA_eMAAA&S=AQAAAsAOgPXu0Yrw_4G8hVSG8YA
.pubmatic.com/	1970-01-20 20:03:23	Name: KADUSERCOOKIE Value: 44C58AE4-ACA1-4E10-A754-D6D65A9F186D
.turn.com/	1970-01-20 15:36:59	Name: uid Value: 3499229166371632430
.awin1.com/	1970-01-20 11:20:40	Name: awpv14702 Value: 412871\|1682267951\|6050d260-e1f5-11ed-89a2-223974343f8d
.awin1.com/	1970-01-20 11:20:40	Name: awpv20044 Value: 412871\|1682267951\|6052ce30-e1f5-11ed-b339-2265b7c46fb7
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.doubleclick.net/	1970-01-20 20:39:23	Name: IDE Value: AHWqTUlaQV59KdP-lEAQs4YSnwb1dwAVMLC_zNxTkx1-eH12TSAMR1M9VL9kB3mMsKc
.adfarm1.adition.com/	1970-01-20 13:27:23	Name: UserID1 Value: 7225285836953483404
.w55c.net/	1970-01-20 20:48:02	Name: wfivefivec Value: 4HkNoYtq1PQCK45
.quantserve.com/	1970-01-20 13:27:23	Name: d Value: EFkBCQHpKIEA
.quantserve.com/	1970-01-20 20:48:02	Name: mc Value: 64455f30-27f84-ffba0-2561c
.w55c.net/	1970-01-20 12:00:59	Name: matchgoogle Value: 5
.bidswitch.net/	1970-01-20 20:03:23	Name: tuuid Value: 36368d87-acfa-4790-b359-216fecd572cb
.bidswitch.net/	1970-01-20 20:03:23	Name: c Value: 1682267953
.bidswitch.net/	1970-01-20 20:03:23	Name: tuuid_lu Value: 1682267953
.casalemedia.com/	1970-01-20 20:03:23	Name: CMID Value: ZEVfMTq17y52cGYP0uAP9gAA
.casalemedia.com/	1970-01-20 13:27:23	Name: CMPS Value: 2196
.casalemedia.com/	1970-01-20 13:27:23	Name: CMPRO Value: 2196
ads.avct.cloud/	1970-01-20 20:03:23	Name: uuid Value: 4712cdbf-04e6-4dbc-9def-b1b9a85e17d9

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://as.ad4m.at/ad/dr?ed=1k8eyd1353g68cbvwtwapvkyhznkpxkzx72ray9djt5stp5h6e8m7f218q6j2a07k4h032erbrgzxkd5k6xszck0qnec1pyp0aze4k35c9dczyxjzct1p21ygbzkfb4ct3k5pmrsc8596wdqkbp14psqq44tbsq89qwxas03d42rm61zzhk8hwnq629e3qecfn53515h1raj670tjwyvday7nmkcwe9eaxtxr6c2efe5f418gpvd3vefdt6h971v604dmv04a95j5cs4v2h80423cxpgmcfhejr60nd6veymvv52p4q7zhjbgx917yrj5r2p6pwyygjdjc4h2j8h11hpktqq8e6bqn74f4rsn2as1pqpgj312xhk6h4m804040w1m8ce8zgsx248xxqpb8e36beahqh887x4jx6vqdwbjnsr6mkv2y6892bwn53sbct64zfnfjz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%26client%3Dca-pub-8439024877331049%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=03fdb5dd06a0a41fcd377d6f753b55ed%2F13898128019845577384&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682267951615&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx830f3gg26yppnv3sdda7j2eqvn2jhqzdewdtmnmaxeqam7dxjqe0sa2apkhavfwe4av4xy8ewfyqxa4k6kxp94yckrt9k98bpd6h91zrw1nf9fsdenegjzhz4rtrv1d435v6q0h0xmxkz3m24d0cc3cn5gwag05vyz4m16n9j3dasar6eqs5gtnarm9dvgyhq26850440nmpxg4y1wpgybqjraef5sf5f2njhtdyz14cmegh6sbdk7tye0pyr8qbp1enva3b7gpky04cem7s360%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpF_jLl9FZJHDMJHEywWvu4WYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDnIAQmpAm9kdFcwbrI-qAMBqgS5AU_Qn0JcQSpY0p6tMOsAbWlibEDC4l_jPkVn9aWZaknnOB3_Hf2chnj95uLxm3WuZ4c2yn3ES02v4Z6IwtlYMWORljWcixe6202aF_3_dSBMJy_9nygCY6eJnn0WnCyrod5garnQme5UmspqiS2RJ2rVCLO2t7LhS8dFkcJtudv61phXNN6baaeOUEji-dkwReT-CHWsWS14T-Vai5b01zO1S-7F-b22ohDxvO6gNjZRS7cAYyO0Ljr_gAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3l0j75bLNthGC078Q3nFBFVn6aaA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-8439024877331049&fa=1&ifi=8&uci=a!8&btvi=5&xpc=VgeBvHhjtb&p=https%3A//all-news.co Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ad4m.at
ads.avct.cloud
adservice.google.com
adservice.google.de
all-news.co
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
bid.g.doubleclick.net
bilbor.live
c1.adform.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d.agkn.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
image6.pubmatic.com
imasdk.googleapis.com
m.media-amazon.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
r4---sn-5hne6nsr.c.2mdn.net
rtb.openx.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
u6387641.ct.sendgrid.net
um.simpli.fi
wms-na.amazon-adsystem.com
ws-na.amazon-adsystem.com
www.awin1.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z-na.amazon-adsystem.com
104.111.217.42
108.138.17.219
142.250.186.34
143.204.94.19
167.235.79.212
167.89.123.122
173.194.76.156
18.132.51.149
18.198.72.223
18.66.147.98
185.29.132.245
185.64.190.78
185.80.39.216
23.210.125.176
2404:6800:400a:80a::2003
2600:1901:0:76b9::
2600:9000:2491:1c00:1d:d7f6:39d2:2dc1
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:803::2002
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:400e:6::9
2a05:d018:d29:3602:5c69:ba98:7fb3:79a9
3.120.53.183
3.68.255.194
34.91.62.186
35.186.253.211
35.71.131.137
37.157.2.239
46.228.164.11
5.189.131.58
51.89.9.251
52.17.20.101
52.56.54.153
52.94.230.46
52.94.233.131
64.158.223.140
69.173.144.165
85.114.159.118
98.98.134.242
99.86.4.36
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3bd360ef5255d230c905093b03e7e1ab36fd1959ea959d6928df4e15cff7b4
0de6851ec41ff14e2bafaad89f61fddffd5a0e80a1aae7688fbc535161356ab1
0e9a646e8f05c8c4a8609a8b0160b83a403b7a43fd196ff6e421d843cf6a819f
0fea5b7ebe66f64901a6a5bf6e30ab538358aa7bf343235d5b69b14d4c1bec5f
0feb694780e2a81382412dcbe4a36444ac643f686176a815474ffd6ec67fd052
1370903a1e242d482364b08f180e6add61f2f2b4abae8cfb0de855b56017cfb2
14334adb9eeee023957e2b917ea419a3b333836e1828a0de5318dac4a190cfa4
146ee4804b68d656b891cc5597513ba483730afa8549cc612f1fff0f14e74e56
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
231de18b8d42e355897c3c550df71a0e4c19593ba51070a130ee9f307a70c441
23305ed5fb3a9414e791640284a5e0269c6c0f871dd0d76c0ea628144bc7cd70
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3de691ce0621759ef92fcca16a46d3c4233ae72ba31a8c16f7b9fbbf0d6bdd3b
3e4e65e7db3c40d4bb9c16f3e85e1e7ed107d564d25c56e3170b38da5460506f
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
3f454cfab51cd176ca58816ee99636a36b507521f486e5d961084e24743dc50f
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
41dde242632eed714432d63f99fd78e6520fa938df205d1f0020c2e671b1be9c
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49c113b6922ebafb0cd4c2c293907076401af06b505325bb1b97fae20798e03f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fb8dcb743bfbe4d782eeebc1fed296e261864b549b967b9b683055ef21fdc8a
522f3268a3976e8154626a407c97a2ea7042a15edf1e46d0457b9bf1a9d27ec9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf
58ec48d4b2f76f2e63e163a7292d6cf6fe8daee7e4e660dce65eacea9ebf8c3a
5a5411cdc7ddb1721f3e2dfa49242b7826b06c02c614d54549ceb9dfa68b9ba2
5b19673183512e55afcfa011edf11cb7a8d0daaea0bb80de2ad9891e7d910e2f
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5dda8db38026fc522c7c017ba17bbf533be39a00cea07cbc1086f1537dce7272
5e5961ee3a4ded043cc01b78c75be061dcfc90f3a252a3b0e39ad01dac657f02
604828ce569ef83418a1eaa83ce43806a32326fa411264e8a154685102c246bb
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d433a746802bb703b1f2562d12e16cfe54b3500cd138fc0bc4749262155c45
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93
633cb9c77e9d47d86a4a4558c51d6ddabba2fd0a5a5efda489cb4f100735a4f0
66c84fd2e855f7f8795d82db9f5aacc7b3752200f492850aac5cda6eddad7fd1
6919ae3e012a38d152cf79dc38831759adbbefff3510194628fc6887caaf12c0
6c711e7939187c82f8ee963b72e8d9bb34338ee60be229dd0417527f57a1e8a1
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
7ab31547e748e92d3c8227c1be66e733a2287ab2137a1f35d808fbe9d1487d7d
7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f
7c618f6ea860f52ba757f6f43ecea4fdb9d684bd0d543ef24e8c72dc227375ca
81fac6325b1f2079b58fe2257f06a8556902b77a50046b01c811aaf30655fac4
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8b712db8300435e1b7f506938fcbf6cf285b7d680e476dd9aacd3e2a1864ec1b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
95f74c25ba6427f3af9afc1451c31a216be6e42576be69045ba3b55da79313ca
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9
9dce36a3b07e5f030b4bca5cff2c9c12edec9c10403f39c5b85052821e6c8b1b
9f237a71ab25a3d8a77866369ec3324dfdc4aa2c6872cac6fce52836e76bd61e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f283ee9b1ce4f4c37ca29d4d95a74dc321684268f9876bf85f1547dcea4b31
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
b2f5b30ec2d810ca80a749b0b0b39b981b096e9e9a428e3aa583d5795749491e
b3327ef16835aa5bc88f852504d8b7d728e7f1984e5a062e4896af5f19052a0c
b8939a0d5bea5bad9b1dc74928170d320b393615e282545b4e9e1ebcbffc1f28
badc2302e66620121869ba6234fe90f8dbc7ac81828104dcf0436da6b70dd933
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5
be49950bb233dedd525e7fe74d73334cf81440f0ae6834246082253bc427b8fe
c317a678c440afae34736fd8d13a0a28f7f21fdfb351a94f33c7f2abb2560ed8
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8
c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d55b03b88a11794a36a6aa09d2cf06ddb1d2e949a0eeac253d41562661b4a439
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7a590e84fc1a009a77c4935ccf63e0dd22c894a164f53526594f76ea4c0c6d3
d9e91b3f9774fe3dc34aadf01aeee6bb22c83965b4f1562ce7936cc2057a3aa9
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f927e471a3e0424531f0abb7c913577d6c99a3e8d8a2b381e5741def1fdc9d
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
ea40545ae71209809fd42c76b56385d7482b325afaa4628f0892bff8c50d2b96
eeced1d8cb05e0490197eca352ff09680161f09b254df3fca1acb8e98593a275
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f041e67172d6e80a08affef4f2c399244f7400184361f40072f16d7753866b64
f132a3b6e8c8de07e8491ce98f184a952823c139df20446f61a1a9daca060a49
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

all-news.co Open in urlscan Pro 5.189.131.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

228 Requests

90 %HTTPS

42 %IPv6

40 Domains

57 Subdomains

40 IPs

8 Countries

8122 kBTransfer

10825 kBSize

30 Cookies

3 Outgoing links

Page URL History

Redirected requests

228 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

all-news.co Open in urlscan Pro
5.189.131.58 Public Scan

Screenshot
Live screenshot

Full Image

228
Requests

90 %
HTTPS

42 %
IPv6

40
Domains

57
Subdomains

40
IPs

8
Countries

8122 kB
Transfer

10825 kB
Size

30
Cookies

228 HTTP transactions
10 data transactions