all-news.co Open in urlscan Pro
2606:4700:3032::ac43:8293 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/issosales/hrefly.html#?Z289MSZzMT0xMTkzNTY4JnMyPTE4Njc2NzI0JnMzPVVT
Effective URL:
https://all-news.co/
Submission: On September 19 via manual (September 19th 2021, 12:45:44 am UTC) from US — Scanned from DE

Summary HTTP 189 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 21 domains to perform 189 HTTP transactions. The main IP is 2606:4700:3032::ac43:8293, located in United States and belongs to CLOUDFLARENET, US. The main domain is all-news.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 2nd 2020. Valid for: a year.

This is the only time all-news.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:801::2010	15169 (GOOGLE) (GOOGLE)
1 1	134.119.194.231 134.119.194.231	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
56	2606:4700:303... 2606:4700:3032::ac43:8293	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
6	2606:4700:303... 2606:4700:3039::6815:c01b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
5	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:4225:58c4:d6f3:5063	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3039::6815:c01a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
189	28

1 2a00:1450:4001:801::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.119.194.231 (Ascension Island) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

134.119.194.231	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2606:4700:3032::ac43:8293 (United States)

ASN13335 (CLOUDFLARENET, US)

all-news.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3039::6815:c01b (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:4225:58c4:d6f3:5063 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3039::6815:c01a (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	all-news.co all-news.co	1 MB
48	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	535 KB
23	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	153 KB
14	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	255 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	179 KB
7	google.com 2 redirects adservice.google.com www.google.com	2 KB
6	googletagservices.com www.googletagservices.com	221 KB
6	googleapis.com storage.googleapis.com fonts.googleapis.com	5 KB
5	onesignal.com cdn.onesignal.com onesignal.com	82 KB
3	awin1.com 1 redirects www.awin1.com	2 KB
3	google.se adservice.google.se	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	759 B
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	congstar.de banner.congstar.de	518 B
1	innovid.com ag.innovid.com	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	quantserve.com cms.quantserve.com	464 B
1	googleadservices.com partner.googleadservices.com	659 B
189	21

	Domain	Requested by
56	all-news.co	storage.googleapis.com all-news.co
33	tpc.googlesyndication.com	googleads.g.doubleclick.net storage.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net storage.googleapis.com
15	pagead2.googlesyndication.com	all-news.co pagead2.googlesyndication.com googleads.g.doubleclick.net storage.googleapis.com tpc.googlesyndication.com www.googletagservices.com
10	fonts.gstatic.com	fonts.googleapis.com
6	assets.ad4m.at	as.ad4m.at
6	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	fonts.googleapis.com	all-news.co googleads.g.doubleclick.net tpc.googlesyndication.com
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
3	www.awin1.com	1 redirects as.ad4m.at
3	onesignal.com	cdn.onesignal.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.se	pagead2.googlesyndication.com
2	ad.doubleclick.net	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	www.google-analytics.com	all-news.co www.google-analytics.com
2	cdn.onesignal.com	all-news.co cdn.onesignal.com
1	banner.congstar.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	storage.googleapis.com
189	32

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
instagram.com

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-02` - `2021-12-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://all-news.co/
Frame ID: CD175E389A9B247B430C83D9C0792922
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Frame ID: C982DE47C7133E65147A7B5DEDC6D931
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1632012338&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338053&bpp=9&bdt=267&idt=131&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1865723874444&frm=20&pv=2&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=145
Frame ID: CCADB8E775C525F31E555232C080B4CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1632012338&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338062&bpp=10&bdt=276&idt=156&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9lWn1mS41f&p=https%3A//all-news.co&dtd=160
Frame ID: 93C86FB4405D4390276730C7F823D4DE
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6716237659&adk=3271757693&adf=2516129113&pi=t.ma~as.6716237659&w=324&fwrn=4&fwrnh=100&lmt=1632012338&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338141&bpp=20&bdt=355&idt=108&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1010&ady=1702&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bSfD72firN&p=https%3A//all-news.co&dtd=112
Frame ID: 91E1E4446C7B2680227E945EE85DD8D8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6D7D1955A5CF25ED2F9A60409803E264
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Frame ID: 28F615A3BABAEF3AD8A1A0FDD420ECF1
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html
Frame ID: ADAF671453209BA141C6FF1A677605D3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cq_2PMohGYee4EJKX-gbK8I2YCaroxK9k_PzR0bIO__WQ49cCEAEgzNPsggFglQKgAb6LkdADyAEJqQIYQynVuKuzPqgDAcgDSKoEqwFP0BUrgOOYpaFloK9nDmLZpbdOtzFr_DcC54UlgtJaRvjtTEyFBrjFWv0DdFM_oa0sfcctWZH8qTqbTkrEMfHBuNorUcD2okOrMa8WSPt0IQXoQLabpGzuQupjMuBuAEwDvm8m7mY1fhHsI1Kj-Wf3XuH1z_XfwIhfgcOeLOMFoDooTppQtIfNyDhTQxbnPHxr0WTclRwwyT7Xl7pSW254vMvKryUSRD4vT8PABNyzsbP0A5IFBAgEGAGSBQQIBRgEoAYugAfq0pUwqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBCg9wLSCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=ZTxx827tyxo&template_id=419
Frame ID: EB29144772F185938B1F10AE65101966
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1cNYsg18Ntl-dLR0EWIlBptOsTN7Mb0i9rJo18o3efQ.js
Frame ID: 90BF611509EE7346C7101F2BDC39D7C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0502DA77738973F532FB4A6AA5D35CA8
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C54585A078D7D87E3C98241DA61428F0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0D50B7D8363669B77C2C029D02689AF2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1cNYsg18Ntl-dLR0EWIlBptOsTN7Mb0i9rJo18o3efQ.js
Frame ID: F631446BA730FE84B5696C1683203073
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1cNYsg18Ntl-dLR0EWIlBptOsTN7Mb0i9rJo18o3efQ.js
Frame ID: 6DCF8E7C1381F3D102DA4175EB8F8BD3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1965034739&adf=613035099&pi=t.ma~as.9785579158&w=300&lmt=1632012339&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012339416&bpp=1&bdt=1630&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8c755f505fdae66-224b71a438c90003%3AT%3D1632012338%3ART%3D1632012338%3AS%3DALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw&prev_fmts=0x0%2C712x178%2C324x250%2C1600x1200%2C1005x124&nras=3&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1022&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_XV8lAbozukdUFiS-nd5N5rNx3j1O9Mq8D5oz9k5pkWs9-soYLM7KBCaU8yoHXyksuw06-U16djw%2CAGkb-H8gcI8dqe7Bh_BzjSin9SGj_xcQi5yTpsPDWP2VHeBYYxgKhoiumF6DsCgZwbwSGaazwoDX187LL5_lh_Jzuh2JvmSO9TnJKICXTzY&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=LIEvEeJmCL&p=https%3A//all-news.co&dtd=5
Frame ID: A24A083CB69D568CD08C48A59FB202B8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2AFB6C395F299A328C3C91649CBBD6F2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CA8900C600208EB4CFF14913C198C62C
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hx6vja08qfk844s2femnehknbgx7zf18n0e5bf3w5h6g6cg04s9w0pwz7e06xr9pq2brth5tp1vddfnnqws586hc1fwq0w7teswpd39zsmxehc68eq9hbbgw38ytjrd3699yys1rz8hr8tzzq2sefqmjzrm0bhjj4h3dh6xb60qaz0qt7dt6yecf0vd462t0x4rhtj4k45ktp42vmg473bkkeex2yz4t0t6zfmzjs3rz3aaa3gk0a9cv62hgywe9gs5jyys7q9tt1j08na4gj8rnap46xw7f4mk96t1kzjfsvwqfqx8x979zv2r06rtkeczjr5wsxpyycfnk1hvzsk6th2mw7j72be7cgjnffgs241t42q98jb9kkxs8dgkfgk1jrc80kptaah3m8mqkpfh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%26client%3Dca-pub-8439024877331049%26adurl%3D
Frame ID: 99DCD974EEA0294EEBAE0ADF76DC615F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9C75FA012AAA2538F05C6004771C953C
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FAFE44E3FC68488D6A6D1DAC0DB67875
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTj&g=90f45ded034c8ca1497ebafc311858af%2F16139477276612589375&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632012340436&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1js7gjfk4zs00x2g0z29ceqkkxhhjgcf7jp8ps4ed2g7abw4jyw84a2qfv7tvpjgydpv23x4nk67qysjdx2bmhhmb5wje0pf71mtdffbf23z15zmw1mpz2pjdfe1k844m8npxyqgxz5ey5hcsx1dq1entyh1kgdz8wxbf1vkw5e3vh5pp8m97rcgt20p1xhznn9jqbn3ttq9zvy4ecc7bqh0ezs3dmp8vhf1v8e5tand8sc0sgy51pjk6h1jfmxk28mb6ph9ezv84%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Frame ID: 039472A67387C9716B56AFC5DA002B5E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - all-news

Page URL History Show full URLs

https://storage.googleapis.com/issosales/hrefly.html Page URL
http://134.119.194.231/??Z289MSZzMT0xMTkzNTY4JnMyPTE4Njc2NzI0JnMzPVVT HTTP 302
https://all-news.co/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

189
Requests

99 %
HTTPS

70 %
IPv6

21
Domains

32
Subdomains

28
IPs

5
Countries

2569 kB
Transfer

6379 kB
Size

32
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/AllNews25193679

Search URL Search Domain Scan URL

URL: https://www.facebook.com/https://www.facebook.com/all-newsco-638489289927131
Title: Like

Search URL Search Domain Scan URL

URL: https://instagram.com/https://instagram.com
Title: Follow

Search URL Search Domain Scan URL

URL: https://twitter.com/https://twitter.com/AllNews25193679
Title: Follow

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/issosales/hrefly.html Page URL
http://134.119.194.231/??Z289MSZzMT0xMTkzNTY4JnMyPTE4Njc2NzI0JnMzPVVT HTTP 302
https://all-news.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIgo3XFAR0y20IBUwmIN5HpKYVPCdaTuVH5KwTqsUGr-pl27vyvUg0enchAxYds_epSupLSWGJX5z8ZsWNyTitDT0vbLT4&google_gid=CAESEF7uVZvxyq465lzS8dGE3Xw&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIgo3XFAR0y20IBUwmIN5HpKYVPCdaTuVH5KwTqsUGr-pl27vyvUg0enchAxYds_epSupLSWGJX5z8ZsWNyTitDT0vbLT4&google_gid=CAESEF7uVZvxyq465lzS8dGE3Xw&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MTkwMDQ1NDAwMDAzMTM0NDczODU1MQ%3D%3D&google_push=AYg5qPIgo3XFAR0y20IBUwmIN5HpKYVPCdaTuVH5KwTqsUGr-pl27vyvUg0enchAxYds_epSupLSWGJX5z8ZsWNyTitDT0vbLT4

Request Chain 162

https://rtb.openx.net/sync/dds?google_gid=CAESEGU8_8N2p6-mcS3tCOsaQCE&google_cver=1&google_push=AYg5qPJFZG9QatC9nV0rLOq8OASQMVjLL9GcggU8CPtEzLnQGYi93KKAl1iVY2ckg-AJIXqDti-0QZy8dEaC58tex9bWrei0xvj_ HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEGU8_8N2p6-mcS3tCOsaQCE&google_cver=1&google_push=AYg5qPJFZG9QatC9nV0rLOq8OASQMVjLL9GcggU8CPtEzLnQGYi93KKAl1iVY2ckg-AJIXqDti-0QZy8dEaC58tex9bWrei0xvj_&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJFZG9QatC9nV0rLOq8OASQMVjLL9GcggU8CPtEzLnQGYi93KKAl1iVY2ckg-AJIXqDti-0QZy8dEaC58tex9bWrei0xvj_&google_hm=fAq86WGhx_8LpFCAIrs9kg==

Request Chain 163

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBwfMcaigPrZiaNXeTR3HdA&google_cver=1&google_push=AYg5qPLpa5A7PKyFlcY5dFko7zOefNTDHUB9abG6tm5mDRINwOTaZHKCk1eTABmRaVE64WLIi3AC52Vx6MnyzE9P51hKE-JAT8c HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBwfMcaigPrZiaNXeTR3HdA&google_cver=1&google_push=AYg5qPLpa5A7PKyFlcY5dFko7zOefNTDHUB9abG6tm5mDRINwOTaZHKCk1eTABmRaVE64WLIi3AC52Vx6MnyzE9P51hKE-JAT8c&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dACp_5QuSJKITopesUZM7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLpa5A7PKyFlcY5dFko7zOefNTDHUB9abG6tm5mDRINwOTaZHKCk1eTABmRaVE64WLIi3AC52Vx6MnyzE9P51hKE-JAT8c

Request Chain 164

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM5Aq_Nb9fxW0xVJ9PULZqE&google_cver=1&google_push=AYg5qPL-rOqcax712R-XNdi6TgE6P0NBdpfjEddgXAXMjhBzjmOtfzmFX-PcoQNvPkQsnFwyulXvZCirmfeBo1hNsqtocsXwlaVG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RRSTBDVkotQS1GOUMz&google_push=AYg5qPL-rOqcax712R-XNdi6TgE6P0NBdpfjEddgXAXMjhBzjmOtfzmFX-PcoQNvPkQsnFwyulXvZCirmfeBo1hNsqtocsXwlaVG

Request Chain 165

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_cver=1&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk

Request Chain 190

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuid0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTjasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMrMz97nifMCFVbhuwgdC2YJmQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuid0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTjasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuid0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTjasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1632012340_e9d26cc0-18e2-11ec-8a78-692d0556460e

189 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 hrefly.html
storage.googleapis.com/issosales/ 246 B
848 B 145ms
123ms Document
text/html 2a00:1450:4001:801::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/issosales/hrefly.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

:method: GET
:authority: storage.googleapis.com
:scheme: https
:path: /issosales/hrefly.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-guploader-uploadid: ADPycdvaihi1ZI0iuBsdk7KBuTLGyeJPRgzXZdoeUPC4kyKXa7CFQDJYdMzjazw8tUOD0x_G2vxDD2MjRJmg8HAw328dMsDZTA
expires: Sun, 19 Sep 2021 01:45:36 GMT
date: Sun, 19 Sep 2021 00:45:36 GMT
last-modified: Thu, 08 Apr 2021 01:12:38 GMT
etag: "f169dbc20fe4adfca3fc4f5e1444afc9"
x-goog-generation: 1617844358683653
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 246
content-type: text/html
x-goog-hash: crc32c=U1B9Pw== md5=8Wnbwg/krfyj/E9eFESvyQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 246
server: UploadServer
cache-control: public, max-age=3600
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Primary Request / Show response
all-news.co/
Redirect Chain

http://134.119.194.231/??Z289MSZzMT0xMTkzNTY4JnMyPTE4Njc2NzI0JnMzPVVT
https://all-news.co/

596 KB
62 KB

1511ms
1465ms

Document
text/html

2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/issosales/hrefly.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.25
Resource Hash: ebf28e5b73db0fb701054f34a66660878904f6ebc511167a9e0c32777cd1609a

Request headers

:method: GET
:authority: all-news.co
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storage.googleapis.com/issosales/hrefly.html#?Z289MSZzMT0xMTkzNTY4JnMyPTE4Njc2NzI0JnMzPVVT

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.25
cf-edge-cache: cache,platform=wordpress
link: <https://all-news.co/wp-json/>; rel="https://api.w.org/" <https://all-news.co/wp-json/wp/v2/pages/1027>; rel="alternate"; type="application/json" <https://all-news.co/>; rel=shortlink
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3TXeSFREEt%2FZfjqpU4a2VIeF9xRqchyQIXcgkXfJTO%2BVwg51GiXTS3qo%2BepxiKMg4XAJ%2F%2FM9pVSJlgfQR28lVO1qIZx9iY5zZY5dK1pY0A9EYyMxFCVVWhDHYi%2B6tQkv7bNR%2BbBGSRHvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 690ecacdf9b24e55-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 19 Sep 2021 00:45:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://all-news.co
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 style.min.css
all-news.co/wp-includes/css/dist/block-library/ 79 KB
11 KB 14ms
11ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jul 2021 22:16:13 GMT
server: cloudflare
age: 3768
etag: W/"13abe-5c7d1c0611d3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOirsjq1xBtdlgh8n%2F%2Fjp6Pn9syNL7ZqtaJJOPAW2Fb0yWPZktZzq%2F%2BoK6k4wwUwGvbcvtPFqxnO3ZqtbqIIsShsb%2FQKkNBxjE7T4YPKN6huk%2BxutmTwRWeYfLx3%2FWZyrdk3aFGR%2B72h9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 690ecad749934e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 cookie-law-info-public.css
all-news.co/wp-content/plugins/cookie-law-info/public/css/ 3 KB
1022 B 17ms
14ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.5
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

:path: /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3768
cf-polished: origSize=3109
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 20:50:28 GMT
server: cloudflare
etag: W/"c25-5c84940c088c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sirGX%2Bs5sMtdfwAJTb5C6XgGrAfsFjGEqR9pOcdO1VpBfCYp%2BWQ2skKbfXnD6QfeuUT2RxX2NVWukLCE9OE14TxswubAsTyv0z4lEk3iZy7JgmCUXKQyO%2BMENKPvm%2FjWZw%2FvIgV3z85zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 690ecad749944e55-FRA
cf-bgj: minify

GET
H2 200 cookie-law-info-gdpr.css
all-news.co/wp-content/plugins/cookie-law-info/public/css/ 22 KB
4 KB 19ms
17ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.5
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49beb700d387c742e63bdbe609124f2cb157fb3d008d8a8dda9b72efc730c859

Request headers

:path: /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3768
cf-polished: origSize=28741
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 20:50:28 GMT
server: cloudflare
etag: W/"7045-5c84940c088c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7%2FK%2BWyKiPWDRQWJFSI2e%2FEuErK9xgJ1Ww6PAqL6hHR9zpc%2FNBPiIAtkjMrWSH5VeVF1DV1PJyQGo2fOLt96squkl1qLDZtOZkoNOQ3dsAh6pkArZcd%2FewcYfDzgqg3KnixFFNfTNgbhvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 690ecad749954e55-FRA
cf-bgj: minify

GET
H2 200 form-basic.css
all-news.co/wp-content/plugins/mailchimp-for-wp/assets/css/ 2 KB
882 B 14ms
12ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.6
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c518ad5d0adbc0754bac8b71c958312a6bd77d4e318500fec44d929e00f857ec

Request headers

:path: /wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3768
cf-polished: origSize=1682
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 24 Jun 2021 15:50:11 GMT
server: cloudflare
etag: W/"692-5c584fa6bcff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQ%2BmHBXoY4F5hrKHWifoUFmI%2B0FuFGElHUBBd003c8sPIdn1a%2FxOrDYAAhiNHKQ%2BFtdd1y0Ze8VYhminFp8WWNxF5CAVDNAJukmiUco%2FMpbDPcerPGolmxjHi4RpBr79%2FU7qUAlcQrZSaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 690ecad749964e55-FRA
cf-bgj: minify

GET
H2 200 style.css
all-news.co/wp-content/plugins/td-newsletter/ 6 KB
2 KB 15ms
13ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-newsletter/style.css?ver=11.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ae14082f4d2088f2bcc4f8e3da3955343dd1e39e0a5f9333c45d6428c3cfc5

Request headers

:path: /wp-content/plugins/td-newsletter/style.css?ver=11.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3768
cf-polished: origSize=5831
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Jul 2021 17:41:28 GMT
server: cloudflare
etag: W/"16c7-5c85ababa1053"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fw0o6wwY3RXC6Jn4rHwtDLgxxjMWmMdv0fbQC8PSrbntyzfF54pSQgV6u%2Ffra01PzwZrObOyHNHLPvd8to7JxcBlPX0%2FwxhjltkqGlhdOZBJy44NL5hU%2BImGAMY8anWA88gHiFtWXNDw1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 690ecad749974e55-FRA
cf-bgj: minify

GET
H2 200 style.css
all-news.co/wp-content/plugins/td-composer/td-multi-purpose/ 36 KB
5 KB 15ms
13ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=5496ac087ca179a9788dadb779dbc160
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583

Request headers

:path: /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=5496ac087ca179a9788dadb779dbc160
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3768
cf-polished: origSize=37284
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Jul 2021 17:41:11 GMT
server: cloudflare
etag: W/"91a4-5c85ab9ae9eb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoKQwJpDHHlvNil%2Fk6xMQMeIZjSaHhm%2B80ZmL6VLWJ6mo5zhuzlEM3BMukXogHKMOezaG2CjSxRzLioyQCoDD7e385gPanG8r2W9z%2Bv8MMuqqSx8%2FB8BWODb%2FCQ%2BwPIJ%2FlXYHyhObxxT5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 690ecad749984e55-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

808fa266ffd5666e6ecbff99004bc49617c77cc4287880af64ddf3875022d128

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 19 Sep 2021 00:45:37 GMT
server: ESF
date: Sun, 19 Sep 2021 00:45:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Sep 2021 00:45:37 GMT

GET
H2 200 style.css
all-news.co/wp-content/themes/Newspaper/ 104 KB
20 KB 16ms
15ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6

Request headers

:path: /wp-content/themes/Newspaper/style.css?ver=11.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3768
cf-polished: origSize=149059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Jul 2021 17:41:03 GMT
server: cloudflare
etag: W/"24643-5c85ab932dea9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKhoGjapNQwySprhUtVbN5%2F8%2FWVVxbfKwfn19atYlT37o5omIbcmhPpZ7BgStRSyAqO%2BJ9TiruOd4VrTaoSfPOuzlSnqjpZye5mBQcl53l7jpDJ6ALA0H0jOLuNW55kW6Fo0SwBnWGRLXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 690ecad749994e55-FRA
cf-bgj: minify

GET
H2 200 td_legacy_main.css
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 125 KB
21 KB 24ms
22ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e11358f81905fda56213119d8d9a1076ec679d26ad3f9ad82c0091024a7a1408

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3768
cf-polished: origSize=158679
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Jul 2021 17:41:10 GMT
server: cloudflare
etag: W/"26bd7-5c85ab99ea4d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgoE%2BIo0QsMh5la%2FvdDhcSLN3y4IAuMq0AVmEI5qgK%2BnxUo3clqjG4%2Bq3mEKzY3wes7abKeGu7XK84Fr4kQx%2FU5lYOwuB1ErJWNneDpHRTPTODUEmVgu9M7OnZj1LzDu4QpJt2VcpcHnrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 690ecad7499a4e55-FRA
cf-bgj: minify

GET
H2 200 td_standard_pack_main.css
all-news.co/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 569 KB
52 KB 27ms
25ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9214a050dc0a6c6eeaa5c1aa35f9cfe3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6956cbfddf2ce28aee043ecd2b7dbc3ada3954646d7009c6dd1b5ca173f136f9

Request headers

:path: /wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9214a050dc0a6c6eeaa5c1aa35f9cfe3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3768
cf-polished: origSize=732364
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Jul 2021 17:41:36 GMT
server: cloudflare
etag: W/"b2ccc-5c85abb2d9ac8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqJS%2FqGdMRgXofRvyPuC3p6kvItSGQ39R3wH6PJX0ER1vt4tIVVJzsBv3eDf5ADettY%2FvlIXJOiq8Tb42zROqKEIGx6DQjXC75zJ8cF964qr%2FGovZpARo4eGs7FjeY41DkqWgT5%2BlSbUtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 690ecad7499b4e55-FRA
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
all-news.co/wp-includes/js/jquery/ 87 KB
32 KB 18ms
17ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jul 2021 22:16:13 GMT
server: cloudflare
age: 6458
etag: W/"15db1-5c7d1c05fb9c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kgy4xMuH3p%2BPpjztoSQO66hC%2B7IQYm7qEL8pfcC3YAV2aQshwYgY1cfkqbKG3TVEliM0pSNp%2Bsp8no8%2FWLy%2BdEFtVuONW6JBTCwKUycctHueA%2FkEHMOv1UJA3jz2RBaamX2dy0dWdrahYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 690ecad7499c4e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
all-news.co/wp-includes/js/jquery/ 11 KB
5 KB 22ms
21ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jan 2021 11:51:38 GMT
server: cloudflare
age: 6458
etag: W/"2bd8-5b84e0ffba56e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6ulgK6%2FL4AXzb2p6aMIhYHCm1iNU%2FBzhIhlrqpYAP5bGPPIqdL8EG9KYut%2FP9c6HeNZILalV2%2BOat0iWDRVGR1le%2B5YQA95tLKHGIvMH4TqKxmmSF0hemzeuDJonyOBsjKZq7QPhvcS7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 690ecad7599e4e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 cookie-law-info-public.js Show response
all-news.co/wp-content/plugins/cookie-law-info/public/js/ 27 KB
7 KB 22ms
22ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.5
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51d0e85097a841f69894079309ad6368bb01eb0a51411d8cf61038a7fcc49a51

Request headers

:path: /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6458
cf-polished: origSize=35168
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 20:50:28 GMT
server: cloudflare
etag: W/"8960-5c84940c084e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SG2c30yFFt8s6GNvkiImRxYfvKgfUw1zbE1mxTIKVwAO4BTRwMYKYbW5hA%2FZQSKN5ALRFELd86fhk4Wzz1gWDbfzxHgJfzPyjby30Zckd7KAMGooT6sNCHHgj2xLZKfcKx1pEQoQZfbzlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 690ecad759a04e55-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 47ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48760d29d10bc648d24c47f5dc9d8776980574563aca98f71ebbb9ce77323f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49025
x-xss-protection: 0
server: cafe
etag: 8636760341316477531
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:45:37 GMT

GET
H2 200 wp-emoji-release.min.js Show response
all-news.co/wp-includes/js/ 18 KB
5 KB 12ms
12ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jul 2021 22:16:13 GMT
server: cloudflare
age: 6456
etag: W/"4705-5c7d1c05fae0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAQJPSQ0nL5SFvSD0%2BhZ4sxDTNY8N1PQdgLTpBMSB2ZpSyS3C1cdWhRtNYk2INP24xt9KWnt%2BxAMc0Wfode0Cb%2BHGsZtoy8TNnCoOR%2FyED9Cv6HiDgEdV%2Btl1p9mvcD9NgAKVCKLz6wNfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 690ecad799d84e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 43ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26fb4bebfdde8d8ddc949041d94643fb3f1d14a99f43a6f5f2d1cbd8f9bad20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49006
x-xss-protection: 0
server: cafe
etag: 16865067465553567238
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:45:37 GMT

GET
H2 200 email-decode.min.js Show response
all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 17ms
16ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Sep 2021 09:29:40 GMT
server: cloudflare
etag: W/"61446004-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtDwrlWpS5VM8WNFcMNDLcQ5r8YJusMbmaYYPnX%2BfA8TKmeBHADZ%2Bbl1dqdNpkPLzK5cD3WMvX3oQi5Knw2iepYgIEAyDeLnO0nF01%2Bvo3lbqHl3i9q%2FOIkM1RWZjGvTeYn7LzmVxHjaQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 690ecad799df4e55-FRA
vary: Accept-Encoding
expires: Tue, 21 Sep 2021 00:45:37 GMT

GET
H2 200 underscore.min.js Show response
all-news.co/wp-includes/js/ 19 KB
8 KB 24ms
23ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

:path: /wp-includes/js/underscore.min.js?ver=1.13.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jul 2021 22:16:13 GMT
server: cloudflare
age: 6458
etag: W/"4a84-5c7d1c0601782"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lksJjRqYNKiBAhfmTUqxEI119cynXkxfFEh4eUD4pGmonSO7RFIKjwkvqq1YSd0B2Cn6Kp5c%2FrKRagLNJoi2tIWIxfrk%2BfvsKrHGkwdjfGL2kptOZC%2FwXJPYttJRVb08fPbf5Nm6B7Pilw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 690ecad799e04e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js_posts_autoload.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 16ms
15ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=c19aec6a20dc470dea3def4ce71e04d5
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=c19aec6a20dc470dea3def4ce71e04d5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Jul 2021 17:41:18 GMT
server: cloudflare
age: 6458
etag: W/"1428-5c85aba19536c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jyv4bSSW%2FKXX8ceJLWSrzefk%2FxO8AH8qBPMNh9l9OCkWH8VpAb8CnV%2Br15DuYt1UJqaTcXMoa21OnPKb%2Bvi2Iuv7XwnNKg6wG8oYqQUT6GmIkS6BDaw0bwDlNlsdlcQUXHWaV4Mhjt4Yhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 690ecad799e14e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 tagdiv_theme.min.js Show response
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/ 257 KB
60 KB 38ms
37ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Jul 2021 17:41:10 GMT
server: cloudflare
age: 6457
etag: W/"4029c-5c85ab99edf69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWj%2FHHP5DeF7CbbySCG9PEHZqz8T4%2BfeudXg2VXtYZeKcwV5ehWSA1fsW%2BuQ2yX1XIihRnUWqlbTv1m70rxVspdQyglMDcltQcUK%2BImFJczELg%2FUq2OHgpmPAUI1CWGS1FWAR7Z3KZMYeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 690ecad799e34e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 comment-reply.min.js Show response
all-news.co/wp-includes/js/ 3 KB
2 KB 17ms
16ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/comment-reply.min.js?ver=5.8.1
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 14:30:28 GMT
server: cloudflare
age: 6458
etag: W/"ba8-5c003b4783f65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEQ0ZXaLzelXd6TbQ3Clx7n3GZyZkHio%2BL2cc1rAiX2pxxOfnnVfVAQQKxh1VVSgoWKeOdUr7ePTm%2FeCLeIKQURcXnmWCiNVq6cakGPdWG5FOWJCR6ZmRGab1%2FuMlw0XMIj6EiWa5nHh%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 690ecad799e44e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js_files_for_front.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 37 KB
9 KB 21ms
21ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=c19aec6a20dc470dea3def4ce71e04d5
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a22f85f1a257dfe812b91e347ffff79eee4cff5eb89f0b429a32ae1ab96d8adc

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=c19aec6a20dc470dea3def4ce71e04d5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Jul 2021 17:41:18 GMT
server: cloudflare
age: 6458
etag: W/"92cd-5c85aba19536c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6E8zxF%2Bil%2FF1hiaAAb4%2FP19FnpbtEW%2BKRU3mNtHjLd38PxWoFu0wFkZtEeFoERLQPoqICKIpRO4%2B5zmFISwUPSST9xcrifLcGclDvqbhuqReXT3X43Fp0jZKD7hCiPcYD2oFEoS6LBwS%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 690ecad799e54e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 wp-embed.min.js Show response
all-news.co/wp-includes/js/ 1 KB
1 KB 16ms
15ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Feb 2021 02:30:35 GMT
server: cloudflare
age: 6458
etag: W/"592-5ba797d0ae3d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJpgprN79tFf9lCWdrkxAnIQictA2zDmbd33sk%2F4RoVmv0AaZK0YqGnCIjWjlmfeuqEatOqXTqOsQ2Te6ZE2%2Blg48nAOcR94HBpPbWYY0N%2B%2BZCIzhGNJFZTIN9q984H19VyTh0IkWQYX7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 690ecad799e64e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 63ms
14ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b70aa192cf670ffbccd24885ff71e159e03c809b890abe15e74cce9f497dd8e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1402
etag: W/"3e792b2dc76a5a063e1c4f30d40ae527"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 690ecad7ff142484-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 22 Sep 2021 00:45:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 36ms
11ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6817
date: Sat, 18 Sep 2021 22:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 19 Sep 2021 00:52:00 GMT

GET
H2 200 mobile-bg.jpg
all-news.co/wp-content/uploads/2021/01/ 43 KB
43 KB 14ms
13ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/01/mobile-bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a

Request headers

:path: /wp-content/uploads/2021/01/mobile-bg.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3768
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43847
last-modified: Sat, 30 Jan 2021 22:15:34 GMT
server: cloudflare
etag: "ab47-5ba2575ae8adc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmwbMqoWsczg1mE4D7tNySHIBGziydiCNYSgO4yTbcfmPkxOdzNszK4iAo3UCfZG25fTx3ouaSK3IYUF7G3JCy%2FH5Qa7yZufICMBBNPmNziuL88%2Bv4udX6oNRxylMmzDvZ%2FS1n8JU9Hx4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecad7ba094e55-FRA

GET
H2 200 newspaper.woff
all-news.co/wp-content/themes/Newspaper/images/icons/ 24 KB
17 KB 25ms
24ms Font
application/font-woff 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

:path: /wp-content/themes/Newspaper/images/icons/newspaper.woff?19
pragma: no-cache
origin: https://all-news.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: all-news.co
referer: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11.2
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Jul 2021 17:41:03 GMT
server: cloudflare
age: 3768
etag: W/"6120-5c85ab932ee49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxlYAwu0aLwA7FxxftIY5tkVqq1rDEHju5XZ6xHoZ%2F52OZ57il0QRpcwFlvMgslme%2B%2BMnGDsYj7w7hbI874Wd9SdSIoaDPI7Khgpqiuz86g92AddA7upZ4KUs1IhWWStDAVVothu2xAIOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 690ecad7ba0a4e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 newspaper-icons.woff
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/ 6 KB
4 KB 26ms
25ms Font
application/font-woff 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
pragma: no-cache
origin: https://all-news.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: all-news.co
referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Jul 2021 17:41:10 GMT
server: cloudflare
age: 3766
etag: W/"1744-5c85ab99da300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRyHOj%2B%2FVVwcaqzcQsYG%2BHFxd22%2Bes7%2BfkgZq59YHO8ZNIF3z7XVb7gE7iHbblRXGauUmqXt03Np3oFmje4Oe7GTHgyDZsO5aFeE2qLQGENb4pu84iWZV3VuHcErmuvDcTzrayYJgBaDTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 690ecad7ba0d4e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
15 KB 36ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 04:26:58 GMT
x-content-type-options: nosniff
age: 505119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 04:26:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 35ms
11ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:03:18 GMT
x-content-type-options: nosniff
age: 420139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 04:03:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 32ms
17ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:49:36 GMT
x-content-type-options: nosniff
age: 284161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 17:49:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 26ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 03:59:10 GMT
x-content-type-options: nosniff
age: 420387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 03:59:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 12:19:08 GMT
x-content-type-options: nosniff
age: 131189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Sep 2022 12:19:08 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:03:27 GMT
x-content-type-options: nosniff
age: 157331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 05:03:27 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:10:42 GMT
x-content-type-options: nosniff
age: 419696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:40 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 04:10:42 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/ 253 KB
94 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

416b14dfa5938018e98069c1d0547adc3fc79a256762eb67a825ce6fb4462077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95713
x-xss-protection: 0
server: cafe
etag: 5504640264288216090
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:45:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/ Frame C982 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210915/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 18 Sep 2021 12:31:14 GMT
expires: Sat, 02 Oct 2021 12:31:14 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 44064
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1941979421&t=pageview&_s=1&dl=https%3A%2F%2Fall-news.co%2F&ul=en-us&de=UTF-8&dt=Home%20-%20all-news&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=789276651&gjid=1997781847&cid=1571109946.1632012338&tid=UA-185019636-1&_gid=560830841.1632012338&_r=1&_slc=1&z=255955443

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 00:45:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
457 B 44ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-185019636-1&cid=1571109946.1632012338&jid=789276651&gjid=1997781847&_gid=560830841.1632012338&_u=IEBAAEAAAAAAAC~&z=274906257

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 19 Sep 2021 00:45:38 GMT
content-type: text/plain
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 scattered-clouds-n.png
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/weather/ 20 KB
20 KB 13ms
13ms Image
image/png 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/weather/scattered-clouds-n.png
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90076c521da0725b47f6c146c70f0372a2bc3477f88a6c39159e070ac5cd06c2

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/weather/scattered-clouds-n.png
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3768
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20140
last-modified: Fri, 30 Jul 2021 17:41:10 GMT
server: cloudflare
etag: "4eac-5c85ab99d9748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D90CP3ktE5MAjtfA2aoOxd69ASLDvAJLsGpNE3WeA%2BjTzMCrmICiSC1NXqyazGgzz4rv8tjPPnfpiBcy0qLeRpUwa30NnfK9OgVWAtsnXRSYRGev3eZDXb6tG5RhONm37A2qPA7JhkFcMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecad96b6d4e55-FRA

GET
H2 200 elements.png
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
4 KB 55ms
55ms Image
image/png 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:38 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 30 Jul 2021 17:41:10 GMT
server: cloudflare
etag: "1035-5c85ab99d9b30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jI5sfZEgNbX21N7pPcat7hJqRWoBs2phY8MUS0i8uA7ybHDLNYPsnk0BTYW7ynYrpUx8Bhkm5wLYerfFzDjzQA41%2BYvJ251Bvx84bbHDx2c0akN79R%2B56XCeeYkTz5ny4Sx1EdpC%2FLUcSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 690ecad96b6e4e55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4149

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
659 B 114ms
16ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=all-news.co&callback=_gfp_s_&client=ca-pub-8439024877331049

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4b3d5c81fb072231513c1463ad8abbf44d731ac51595c302edd83d12be65499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
853 B 83ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Sep 2021 00:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 48ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Sep 2021 00:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CCAD 239 KB
57 KB 483ms
482ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1632012338&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338053&bpp=9&bdt=267&idt=131&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1865723874444&frm=20&pv=2&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=145

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

038be0b60446470d8b157d17a63efadcacbcf2691dfc70e0f47c3854f60674ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1632012338&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338053&bpp=9&bdt=267&idt=131&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1865723874444&frm=20&pv=2&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=145
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 Sep 2021 00:45:38 GMT
server: cafe
content-length: 58190
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-Sep-2021 01:00:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 19 Sep 2021 00:45:38 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 68ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1631879122047051"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sun, 19 Sep 2021 00:45:38 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 93C8 80 KB
27 KB 470ms
469ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1632012338&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338062&bpp=10&bdt=276&idt=156&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9lWn1mS41f&p=https%3A//all-news.co&dtd=160

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12ec05507a15fd8b35ff248204c99aa76b1ae894fd4559a3385072599644f9d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1632012338&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338062&bpp=10&bdt=276&idt=156&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9lWn1mS41f&p=https%3A//all-news.co&dtd=160
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 Sep 2021 00:45:38 GMT
server: cafe
content-length: 26960
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-Sep-2021 01:00:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 19 Sep 2021 00:45:38 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 91E1 133 KB
42 KB 477ms
477ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6716237659&adk=3271757693&adf=2516129113&pi=t.ma~as.6716237659&w=324&fwrn=4&fwrnh=100&lmt=1632012338&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338141&bpp=20&bdt=355&idt=108&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1010&ady=1702&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bSfD72firN&p=https%3A//all-news.co&dtd=112

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c1fa0e08a46f56229c148528d8fa0e4ee5d950c4bd097bdab4b7935e7b8d1f8

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COeZxN3nifMCFZKL3godSngDkw&gqi=MohGYaT8D5ep3gPbj5WQCA&layout=/sadbundle/%24csp%253Der3%24/16382388194385666789/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6716237659&adk=3271757693&adf=2516129113&pi=t.ma~as.6716237659&w=324&fwrn=4&fwrnh=100&lmt=1632012338&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338141&bpp=20&bdt=355&idt=108&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1010&ady=1702&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bSfD72firN&p=https%3A//all-news.co&dtd=112
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COeZxN3nifMCFZKL3godSngDkw&gqi=MohGYaT8D5ep3gPbj5WQCA&layout=/sadbundle/%24csp%253Der3%24/16382388194385666789/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 Sep 2021 00:45:38 GMT
server: cafe
content-length: 41812
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-Sep-2021 01:00:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 19 Sep 2021 00:45:38 GMT
cache-control: private

GET
H2 200 footer_bg.jpg
all-news.co/wp-content/uploads/2021/01/ 105 KB
105 KB 16ms
16ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/01/footer_bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a

Request headers

:path: /wp-content/uploads/2021/01/footer_bg.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 107441
last-modified: Sat, 30 Jan 2021 22:15:20 GMT
server: cloudflare
etag: "1a3b1-5ba2574d2c0a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=563Abui0wZIcFQxvUtmvYTGBCDoZV6tFDhu0zcuCpdpz6UBzxrZJgod6iDqyxG2IrQLq%2FnbS5X7ZJMfsxvQgnKlIVq1UfNdsaKounSNTHyzyLX7WPz5Ge8ER6gM54rY%2B6XqJt0OWtApi3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecadb4cde4e55-FRA

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 25ms
24ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151507
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 534047d152df49b3ea66735a76a84aeaa993e3d193e8dff1daf39aff2d5fa43c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:38 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1796
etag: W/"7cb42d545f90e08baa9fa2499b1edad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 690ecadbc92f2484-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 22 Sep 2021 00:45:38 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/392339f7-d71c-4ce5-9621-025c65a4d04d/ 3 KB
2 KB 47ms
23ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/392339f7-d71c-4ce5-9621-025c65a4d04d/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R) 6.0.8

Resource Hash

e474232bb61c9508ea9b39001f7c785f8734030f7e4287f9a7d2b1c9e7ce5cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 987
x-powered-by: Phusion Passenger(R) 6.0.8
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d9587bbd-edab-48dd-b59c-dc8a320fe5b3
x-runtime: 0.034269
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"78dea27b5fa7e0efeb30f38521b500b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-polished: origSize=3288
cf-ray: 690ecadc597d2484-FRA
access-control-allow-headers: SDK-Version
expires: Sun, 19 Sep 2021 01:45:38 GMT

GET
H2 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 15ms
14ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151507
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:38 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1557
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 690ecadc89a12484-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 22 Sep 2021 00:45:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 93C8 2 KB
611 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1632012338&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338062&bpp=10&bdt=276&idt=156&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9lWn1mS41f&p=https%3A//all-news.co&dtd=160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6bbd33699a44514373f2c019844adf69e8f02fe660a54215e725071f9fe7e750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 23:10:16 GMT
server: ESF
date: Sun, 19 Sep 2021 00:45:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Sep 2021 00:45:38 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 93C8 1 KB
937 B 35ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 22:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 22:34:39 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame 93C8 18 KB
8 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:41:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 93C8 2 KB
1 KB 32ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:36:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93C8 128 KB
39 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1631879102694099"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sun, 19 Sep 2021 00:45:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 93C8 14 KB
6 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:29:34 GMT

GET
H2 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 93C8 26 KB
11 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 04:03:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Fri, 17 Dec 2021 08:23:01 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15103823707202493378/ Frame 93C8 13 KB
13 KB 29ms
11ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15103823707202493378/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee41ee9d7153c868320389f164b3e6d6e631c368121e2d6eecedd5393b24bcce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:23:28 GMT
x-content-type-options: nosniff
age: 141730
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13230
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 10:51:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Sep 2022 09:23:28 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 93C8 0
0 20ms
19ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPCx1MohGYZnYDv-zx_AP8diP6AS8yOrjZPmx5OWFDtvZHhABIMzT7IIBYJUCoAGxpf2BA8gBBqkCwDTIRDEqhT6oAwHIA8sEqgSpAU_QXA0VLvJq1bXkniHlAv2mW27X8kRnLGhVuvr6w4a7wqSUFaYTLqVybtlWBKSTCLllwt1fRSsueC9xu6FF7DwQWuKWeADKUUYXq5NG77Wjq-2ilOKSFVuXyORbcw5vmQ0Ewe60j4L9CF1BNKyadv0xhi27Uhm_uXl0sy4yS-RXpxDaKR76KrHew_4iVNIEEgWrdi22qRHH5ZaF9FB9BT_EmleU3_liFAjABNfVn7jYA5IFBAgEGAGSBQQIBRgEoAY3gAe32oJ-qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBBCSrwHSCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=h9REwqzgg_g&template_id=492

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1632012338&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338062&bpp=10&bdt=276&idt=156&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9lWn1mS41f&p=https%3A//all-news.co&dtd=160
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 19 Sep 2021 00:45:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Sep 2021 00:45:38 GMT

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/ 145 KB
52 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/reactive_library_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1affc9ba26acca966d316f61f00df19bf4f7dd07b346ac985f3dac2204ae46e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53050
x-xss-protection: 0
server: cafe
etag: 8787847263673547960
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:45:38 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 91E1 67 B
196 B 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6716237659&adk=3271757693&adf=2516129113&pi=t.ma~as.6716237659&w=324&fwrn=4&fwrnh=100&lmt=1632012338&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338141&bpp=20&bdt=355&idt=108&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1010&ady=1702&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bSfD72firN&p=https%3A//all-news.co&dtd=112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 18 Sep 2021 08:10:46 GMT
x-content-type-options: nosniff
server: cafe
age: 59692
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sun, 19 Sep 2021 08:10:46 GMT

GET
DATA 200
OK truncated
/ Frame 93C8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e28dc99a44f9223de4aaddda23e96fbb1e0437ec4a9cc4bd5364aea14ec46f59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
fonts.gstatic.com/s/lora/v17/ Frame 93C8 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v17/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b874445c1c5f287cca4f88a9b939270676c7ad03c9c7209a33a5907ae731fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 06:43:06 GMT
x-content-type-options: nosniff
age: 583352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19144
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:52:45 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 06:43:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Sep 2021 00:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Sep 2021 00:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/ Frame 6D7D 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkAU-yvWVa10t9BGF5-4FqejUpxJCeDbXauw4K0V9HZRE_s6n8sUCNsmzvXhEE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 18 Sep 2021 01:20:06 GMT
expires: Sat, 02 Oct 2021 01:20:06 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 84332
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/ Frame 28F6 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkAU-yvWVa10t9BGF5-4FqejUpxJCeDbXauw4K0V9HZRE_s6n8sUCNsmzvXhEE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 18 Sep 2021 01:20:06 GMT
expires: Sat, 02 Oct 2021 01:20:06 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 84332
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/ Frame ADAF 18 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/issosales/hrefly.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

730a42a7c6e3a903b95f415359bb560282542bed2f264c95aee21e0e132e70d7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/16382388194385666789/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 14 Sep 2021 01:24:13 GMT
expires: Wed, 14 Sep 2022 01:24:13 GMT
last-modified: Wed, 11 Aug 2021 08:41:02 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 4151
age: 429685
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame EB29 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq_2PMohGYee4EJKX-gbK8I2YCaroxK9k_PzR0bIO__WQ49cCEAEgzNPsggFglQKgAb6LkdADyAEJqQIYQynVuKuzPqgDAcgDSKoEqwFP0BUrgOOYpaFloK9nDmLZpbdOtzFr_DcC54UlgtJaRvjtTEyFBrjFWv0DdFM_oa0sfcctWZH8qTqbTkrEMfHBuNorUcD2okOrMa8WSPt0IQXoQLabpGzuQupjMuBuAEwDvm8m7mY1fhHsI1Kj-Wf3XuH1z_XfwIhfgcOeLOMFoDooTppQtIfNyDhTQxbnPHxr0WTclRwwyT7Xl7pSW254vMvKryUSRD4vT8PABNyzsbP0A5IFBAgEGAGSBQQIBRgEoAYugAfq0pUwqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBCg9wLSCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=ZTxx827tyxo&template_id=419

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/issosales/hrefly.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6716237659&adk=3271757693&adf=2516129113&pi=t.ma~as.6716237659&w=324&fwrn=4&fwrnh=100&lmt=1632012338&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338141&bpp=20&bdt=355&idt=108&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1010&ady=1702&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bSfD72firN&p=https%3A//all-news.co&dtd=112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 19 Sep 2021 00:45:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame EB29 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:41:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame EB29 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:36:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB29 128 KB
39 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1631879102694099"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sun, 19 Sep 2021 00:45:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame EB29 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:29:34 GMT

GET
H2 200 1cNYsg18Ntl-dLR0EWIlBptOsTN7Mb0i9rJo18o3efQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 90BF 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1cNYsg18Ntl-dLR0EWIlBptOsTN7Mb0i9rJo18o3efQ.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c358b20d7c36d97e74b474116225069b4eb1337b31bd22f6b268d7ca3779f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 15:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13345
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 15:08:38 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0502 143 B
226 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6716237659&adk=3271757693&adf=2516129113&pi=t.ma~as.6716237659&w=324&fwrn=4&fwrnh=100&lmt=1632012338&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338141&bpp=20&bdt=355&idt=108&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1010&ady=1702&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bSfD72firN&p=https%3A//all-news.co&dtd=112
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkAU-yvWVa10t9BGF5-4FqejUpxJCeDbXauw4K0V9HZRE_s6n8sUCNsmzvXhEE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=6716237659&adk=3271757693&adf=2516129113&pi=t.ma~as.6716237659&w=324&fwrn=4&fwrnh=100&lmt=1632012338&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012338141&bpp=20&bdt=355&idt=108&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1010&ady=1702&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bSfD72firN&p=https%3A//all-news.co&dtd=112

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 19 Sep 2021 00:00:06 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 6D7D 4 KB
729 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 22:53:40 GMT
server: ESF
date: Sun, 19 Sep 2021 00:45:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Sep 2021 00:45:39 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6D7D 205 B
491 B 8ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 23:43:02 GMT
x-content-type-options: nosniff
age: 3757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 18 Sep 2022 23:43:02 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6D7D 604 B
695 B 7ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 14:59:46 GMT
x-content-type-options: nosniff
age: 35153
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 18 Sep 2022 14:59:46 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/elements/html/ Frame 6D7D 17 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 23:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7656
x-xss-protection: 0
server: cafe
etag: 8352096984186353373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 23:53:16 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 28F6 0
0 19ms
19ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBIZZMohGYdedDYjMgQeC746YA9uCo59luMGM9KkO3Nj2mP4OEAEgzNPsggFglQKgAZmO2eoCyAECqAMByAPJBKoEqAFP0PPkBlZ9WtE6gOnkMgjudPaQdYdw7XvwiHrzsLMiMmlwCki5dk2xitIgLGl2z9IoNTn7L653cqjy8iCOl9at7BiYPh7cC10xOAQgEpdrb6T88FjleYQAwZywk2shffpOSByKooyYgsTYKuk6LjFnBrVwNNHk-RtA4UktWcI2oQRXMRN8c1CzPp46naTeocq-82w7Z8ku307-rHi4KFifrTOH4MC3HiXABIXJkK_UA5IFBAgEGAGSBQQIBRgEoAYCgAfs1PbpAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwQQ1PMB0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=ombva-BpY-o

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/issosales/hrefly.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 19 Sep 2021 00:45:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame 28F6 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:41:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 28F6 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:36:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 28F6 128 KB
39 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1631879102694099"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sun, 19 Sep 2021 00:45:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 28F6 14 KB
6 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:29:34 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 28F6 26 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a5a8396abf78790c1831c48ac3abb959821f8c99aa2a37151e3d1594f8b1c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 14:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
server: cafe
etag: 553973696465445763
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 14:07:01 GMT

GET
H2 200 5915088194208543021
tpc.googlesyndication.com/simgad/ Frame 28F6 9 KB
9 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5915088194208543021?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnBQilWTZR6KrwP5-xho9jaj4tTTw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9638ef2571f3789e83422ba28634f88da60685243594568acbcdd5e4ac3d9023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:02:19 GMT
x-content-type-options: nosniff
age: 42200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8993
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 16:16:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 18 Sep 2022 13:02:19 GMT

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame ADAF 9 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 09:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 19 Sep 2021 09:22:53 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame ADAF 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 23:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:30:30 GMT

GET
H2 200 c6afb71c43a6f510a28d0c5a9b6e8216.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/ Frame ADAF 77 KB
20 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/c6afb71c43a6f510a28d0c5a9b6e8216.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d12411c852fcc11ebba43ff3acf0e5eb913439df6684cf56b4b85b0be15cef1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 494022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20438
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 08:41:02 GMT
server: sffe
date: Mon, 13 Sep 2021 07:31:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 07:31:57 GMT

GET
DATA 200
OK truncated
/ Frame EB29 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff39c520170d9bca043dffc9bfc40731db14b45d7c3283d9832952d3c8ecb0e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame C545 3 KB
651 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 22:57:21 GMT
server: ESF
date: Sun, 19 Sep 2021 00:45:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Sep 2021 00:45:39 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame C545 1 KB
907 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 22:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 22:34:39 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame C545 18 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:41:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame C545 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:36:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C545 128 KB
39 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1631879102694099"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sun, 19 Sep 2021 00:45:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame C545 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:29:34 GMT

GET
H2 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame C545 26 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 04:03:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Fri, 17 Dec 2021 08:23:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame ADAF 4 KB
664 B 21ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:900|Roboto:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/c6afb71c43a6f510a28d0c5a9b6e8216.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f8303bb870db3bc3af5b70fcefacf6dbdb9a79ed0ae08b59aab86b44d506d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 19 Sep 2021 00:21:56 GMT
server: ESF
date: Sun, 19 Sep 2021 00:45:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Sep 2021 00:45:39 GMT

GET
H2 200 a6bbc0bf7adcea5559699818d25507fb.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/media/ Frame ADAF 2 KB
1 KB 11ms
9ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/media/a6bbc0bf7adcea5559699818d25507fb.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0021fcf6011bbb68d059ae5ebda2cc09c8bee217a8b65868072cd991b8e5e564

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 441704
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 08:41:02 GMT
server: sffe
date: Mon, 13 Sep 2021 22:03:55 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 22:03:55 GMT

GET
H2 200 090c3058d48414054f8570c62f4c2c96.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/media/ Frame ADAF 19 KB
19 KB 13ms
11ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/media/090c3058d48414054f8570c62f4c2c96.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90e37206ec638101401c17bb4eba2bebbf52828095a2669e670778e88399e9a7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 441704
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19504
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 08:41:02 GMT
server: sffe
date: Mon, 13 Sep 2021 22:03:55 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 22:03:55 GMT

GET
H2 200 1243eebfe46fdb2a6cb7658b4fd37d0a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/media/ Frame ADAF 766 B
835 B 13ms
11ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/media/1243eebfe46fdb2a6cb7658b4fd37d0a.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4eb1a83d03b84f8a87f0aacefce3a5124642219ca4a08ceb3ae926b00fdde91

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 441704
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 766
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 08:41:02 GMT
server: sffe
date: Mon, 13 Sep 2021 22:03:55 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 22:03:55 GMT

GET
H2 200 d0f22751b043d1784be61dc7b41b28f3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/media/ Frame ADAF 1 KB
1 KB 11ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/media/d0f22751b043d1784be61dc7b41b28f3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

655e629b9417fa0b28009b49f5fa20c397c889ad4a83d664e3a3fc110a329041

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 494166
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1190
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 08:41:02 GMT
server: sffe
date: Mon, 13 Sep 2021 07:29:33 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 07:29:33 GMT

GET
H2 200 ec86897df20292ba6882a87934abac7e.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/media/ Frame ADAF 32 KB
32 KB 13ms
11ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/media/ec86897df20292ba6882a87934abac7e.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8abf96a942db307ad109c07911387cc201ec0907ad3a323f960a383788be0c72

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 43471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32631
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 08:41:02 GMT
server: sffe
date: Sat, 18 Sep 2021 12:41:08 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Sep 2022 12:41:08 GMT

GET
H2 200 68205a7bba4eca78358f122322a6922b.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/media/ Frame ADAF 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/media/68205a7bba4eca78358f122322a6922b.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16382388194385666789/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32b47a3ee3ee877ea3de7f07c5e523d503c4144599479d967ddb9a32ded8957f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 225721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1004
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 08:41:02 GMT
server: sffe
date: Thu, 16 Sep 2021 10:03:38 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Sep 2022 10:03:38 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D50 143 B
198 B 9ms
8ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkAU-yvWVa10t9BGF5-4FqejUpxJCeDbXauw4K0V9HZRE_s6n8sUCNsmzvXhEE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 19 Sep 2021 00:00:06 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame ADAF 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:49:36 GMT
x-content-type-options: nosniff
age: 284163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 17:49:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame ADAF 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 17:44:46 GMT
x-content-type-options: nosniff
age: 543653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 17:44:46 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0502
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
167 B

15ms
15ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkAU-yvWVa10t9BGF5-4FqejUpxJCeDbXauw4K0V9HZRE_s6n8sUCNsmzvXhEE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 19 Sep 2021 00:45:39 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 19-Sep-2021 01:45:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 19 Sep 2021 00:45:39 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 19 Sep 2021 00:45:39 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1cNYsg18Ntl-dLR0EWIlBptOsTN7Mb0i9rJo18o3efQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F631 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1cNYsg18Ntl-dLR0EWIlBptOsTN7Mb0i9rJo18o3efQ.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/issosales/hrefly.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c358b20d7c36d97e74b474116225069b4eb1337b31bd22f6b268d7ca3779f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 15:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13345
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 15:08:38 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D50
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

15ms
15ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkAU-yvWVa10t9BGF5-4FqejUpxJCeDbXauw4K0V9HZRE_s6n8sUCNsmzvXhEE; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 19 Sep 2021 00:45:39 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 19-Sep-2021 01:45:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 19 Sep 2021 00:45:39 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 19 Sep 2021 00:45:39 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1cNYsg18Ntl-dLR0EWIlBptOsTN7Mb0i9rJo18o3efQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DCF 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1cNYsg18Ntl-dLR0EWIlBptOsTN7Mb0i9rJo18o3efQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c358b20d7c36d97e74b474116225069b4eb1337b31bd22f6b268d7ca3779f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 15:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13345
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 15:08:38 GMT

GET
H2 200 1cNYsg18Ntl-dLR0EWIlBptOsTN7Mb0i9rJo18o3efQ.js Show response
pagead2.googlesyndication.com/bg/ Frame ADAF 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1cNYsg18Ntl-dLR0EWIlBptOsTN7Mb0i9rJo18o3efQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c358b20d7c36d97e74b474116225069b4eb1337b31bd22f6b268d7ca3779f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 15:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13345
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 15:08:38 GMT

GET
H2 200 icon Show response
onesignal.com/api/v1/apps/392339f7-d71c-4ce5-9621-025c65a4d04d/ 44 B
660 B 307ms
291ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/392339f7-d71c-4ce5-9621-025c65a4d04d/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R) 6.0.8

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-powered-by: Phusion Passenger(R) 6.0.8
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2dd27717-5a7a-4c9e-a368-1f4760ebd3f9
x-runtime: 0.011144
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7200
cf-ray: 690ecae08b984db8-FRA
access-control-allow-headers: SDK-Version
expires: Sun, 19 Sep 2021 02:45:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Sep 2021 00:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Sep 2021 00:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A24A 21 KB
10 KB 475ms
475ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1965034739&adf=613035099&pi=t.ma~as.9785579158&w=300&lmt=1632012339&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012339416&bpp=1&bdt=1630&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8c755f505fdae66-224b71a438c90003%3AT%3D1632012338%3ART%3D1632012338%3AS%3DALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw&prev_fmts=0x0%2C712x178%2C324x250%2C1600x1200%2C1005x124&nras=3&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1022&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_XV8lAbozukdUFiS-nd5N5rNx3j1O9Mq8D5oz9k5pkWs9-soYLM7KBCaU8yoHXyksuw06-U16djw%2CAGkb-H8gcI8dqe7Bh_BzjSin9SGj_xcQi5yTpsPDWP2VHeBYYxgKhoiumF6DsCgZwbwSGaazwoDX187LL5_lh_Jzuh2JvmSO9TnJKICXTzY&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=LIEvEeJmCL&p=https%3A//all-news.co&dtd=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

335f0f351fdaa87818993ad5ae0c6b59faa42ce90c97c6ca3f653057da7b0735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1965034739&adf=613035099&pi=t.ma~as.9785579158&w=300&lmt=1632012339&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012339416&bpp=1&bdt=1630&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8c755f505fdae66-224b71a438c90003%3AT%3D1632012338%3ART%3D1632012338%3AS%3DALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw&prev_fmts=0x0%2C712x178%2C324x250%2C1600x1200%2C1005x124&nras=3&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1022&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_XV8lAbozukdUFiS-nd5N5rNx3j1O9Mq8D5oz9k5pkWs9-soYLM7KBCaU8yoHXyksuw06-U16djw%2CAGkb-H8gcI8dqe7Bh_BzjSin9SGj_xcQi5yTpsPDWP2VHeBYYxgKhoiumF6DsCgZwbwSGaazwoDX187LL5_lh_Jzuh2JvmSO9TnJKICXTzY&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=LIEvEeJmCL&p=https%3A//all-news.co&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkAU-yvWVa10t9BGF5-4FqejUpxJCeDbXauw4K0V9HZRE_s6n8sUCNsmzvXhEE; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 Sep 2021 00:45:39 GMT
server: cafe
content-length: 10471
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 22ms
22ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210915&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01aac0274e3a992241baf24243554ed23ac5e9760de3b7ab78f0138910e37b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Sep 2021 00:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8512
x-xss-protection: 0

GET
H2 200 5036-amari-niblack-set-on-being-the-next-julio-jones-324x400.jpg
all-news.co/wp-content/uploads/2021/09/ 19 KB
19 KB 21ms
20ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones-324x400.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1ce7615f599f8dc5600c5335cd8e81b0982e05946f646bf12b846e4bc018c5

Request headers

:path: /wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19526
last-modified: Sat, 18 Sep 2021 20:24:51 GMT
server: cloudflare
etag: "4c46-5cc4ad7179216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPtCL8gVg4hSLgyNtA671d0vrcBiDaLcr9ArzTt0t%2BNnuYg4upgdkICANzmyQyhCSPkS9wASNxP3ebhRpSyiBglDfkMAm2i3n1%2FvyGUiZ5pV35%2FPwrLu%2BnHJBQFs3PsVe2vE2448XYl5ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae1da0c4e55-FRA

GET
H2 200 5032-aston-villa-vs-everton-follow-the-action-live-on-f365-324x400.jpg
all-news.co/wp-content/uploads/2021/09/ 8 KB
8 KB 19ms
18ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-324x400.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d344d22787e95dcd2d7f9009d837443b5c0e1e60a2b5a0a7e5e80f405983a31f

Request headers

:path: /wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8211
last-modified: Sat, 18 Sep 2021 17:24:51 GMT
server: cloudflare
etag: "2013-5cc4853519271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFrcRI%2Bg4ZNBq8bu6dXJIck%2BTaQIBIsG6tjKCOD72lfW67rll%2BE4YBFTmPx3oLUPttmdVdUR5u9dfZghOXQOcjJXWbvDFODSFjak%2FItgfrH9Mze%2FbRvaNDGT2yLsYQrbVo9T01VMag%2Fp%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae1da0d4e55-FRA

GET
H2 200 5030-vikes-griffen-in-protocol-after-deer-causes-wreck-324x400.jpg
all-news.co/wp-content/uploads/2021/09/ 23 KB
23 KB 29ms
28ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-324x400.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f413a90fb9fa4b649ed4e52a2c80a1dddcf6701e646b6edbd2d9b7e4641048

Request headers

:path: /wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23064
last-modified: Sat, 18 Sep 2021 15:28:36 GMT
server: cloudflare
etag: "5a18-5cc46b3999c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxQw1CsLTa0QZ2QVkrsuBw1gLs%2FBNASHm5Pdx6X9wYMvwyf5c3%2FchBbfibtfP7pg7sULVnEm53hrIRmWSqlxiiyskaGZ2UwBO0MyWzcHcdDH3EE1v%2BWoyrHP1TnG9%2BWY06BzSFFxZ2I4TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae1da0e4e55-FRA

GET
H2 200 5020-miami-dolphins-notebook-injury-update-tough-wr-decision-coming-more-324x400.jpg
all-news.co/wp-content/uploads/2021/09/ 31 KB
31 KB 14ms
13ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5020-miami-dolphins-notebook-injury-update-tough-wr-decision-coming-more-324x400.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 423c2ec0d45d64c11b73ae70f0c6c802cbc6e89acf8eececfdaba95e5b46e1dd

Request headers

:path: /wp-content/uploads/2021/09/5020-miami-dolphins-notebook-injury-update-tough-wr-decision-coming-more-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31592
last-modified: Fri, 17 Sep 2021 20:24:43 GMT
server: cloudflare
etag: "7b68-5cc36b8be05e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDXKqq121jR%2Bews82aiUZjLwqSWvMAZew8tFj1ic45087Qp%2B19OhT3RujXD%2BCHhJ1a4QeelbyLlfqTH9Jy8cq57q3fapOq6y1nu0a81RWxs8xl15%2Fjqxuk4DMZ2S9lCQjhBMfvjhCNtcjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae1da0f4e55-FRA

GET
H2 200 5036-amari-niblack-set-on-being-the-next-julio-jones.jpg
all-news.co/wp-content/uploads/2021/09/ 24 KB
24 KB 22ms
22ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffcbd2ba45f11350c0023d62d5170688877e6d172e691aa6a8b31af7d95c3b59

Request headers

:path: /wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24185
last-modified: Sat, 18 Sep 2021 20:24:51 GMT
server: cloudflare
etag: "5e79-5cc4ad715e465"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhPKEp6D08ZW%2Fp1AO01%2BUOqoHVgeXurkQoesH6VHc6OIGTcvCd7kFTyDxJZp%2BYP0Q3Dtz%2BIaO7fFQMVWHlEv1X4FiuISWMiyUtT5aJzyoCgp0%2F8tU2bfv9sXRoqfqOf6iDFiFxX%2BpUOfqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae1da104e55-FRA

GET
H2 200 5034-scientists-flood-forests-to-mimic-rising-seas-696x464.jpg
all-news.co/wp-content/uploads/2021/09/ 45 KB
45 KB 16ms
16ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5034-scientists-flood-forests-to-mimic-rising-seas-696x464.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7dc9471215ae2041369db90d3dcd77d200d84ddc50800b112d9467071281989

Request headers

:path: /wp-content/uploads/2021/09/5034-scientists-flood-forests-to-mimic-rising-seas-696x464.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46099
last-modified: Sat, 18 Sep 2021 18:24:47 GMT
server: cloudflare
etag: "b413-5cc4929aaa608"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9OOQjd60QzjoMK00%2FB0OzIZ9QNaRPqriWE8rN0xTw75C%2Ba%2BRsQUbB8btts4p4dkmF8JLdxcIlYkx7noNXDCzSpjtbiIg5tgR9G5509OFE834If2nCiX9rN%2BPT2JZPOLYd4%2F1htVhl5jig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae20a6b4e55-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 19 Sep 2021 00:45:39 GMT

GET
H2 200 5032-aston-villa-vs-everton-follow-the-action-live-on-f365-324x400.jpg
all-news.co/wp-content/uploads/2021/09/ 8 KB
8 KB 14ms
14ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d344d22787e95dcd2d7f9009d837443b5c0e1e60a2b5a0a7e5e80f405983a31f

Request headers

:path: /wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8211
last-modified: Sat, 18 Sep 2021 17:24:51 GMT
server: cloudflare
etag: "2013-5cc4853519271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPKu5la96MB8aD28vDLxNVptmCqr3m7LhkP0fVjmdRyczbV7oH1EaB7MgFu%2F15rOtZBArAtvVtn78SGxttsuOsRfhGnKO%2F02VpBnLrICTKlYqEKgpwpSGyJihROjUywBfqTnuAuRsJr66A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae22a8f4e55-FRA

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2AFB 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 18 Sep 2021 20:03:20 GMT
expires: Sun, 18 Sep 2022 20:03:20 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CA89 783 B
1 KB 28ms
28ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e8b8ead59fbb432ee08c70140d8cd6e5309d6c75595fa56ca68c38bad613731

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zkuhnPHRPOy0IYXsiua2Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 19 Sep 2021 00:45:39 GMT
date: Sun, 19 Sep 2021 00:45:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-zkuhnPHRPOy0IYXsiua2Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 5030-vikes-griffen-in-protocol-after-deer-causes-wreck-324x400.jpg
all-news.co/wp-content/uploads/2021/09/ 23 KB
23 KB 20ms
20ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f413a90fb9fa4b649ed4e52a2c80a1dddcf6701e646b6edbd2d9b7e4641048

Request headers

:path: /wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23064
last-modified: Sat, 18 Sep 2021 15:28:36 GMT
server: cloudflare
etag: "5a18-5cc46b3999c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8ZXMrSlDkPGV4IKtJiPnyIHJbjt8Yaw%2FFrj2FaQ0N%2B4P8%2B36v%2Bo1oXZiPv%2Bab5TRpzXHyyjfCxEKd8TU0mT%2FJ104KuAMbcSKXrpJeaMGcorw%2BY2VkWZeJJYRoFFSzwP3vwZz1nswSmYNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae24aab4e55-FRA

GET
DATA 200
OK truncated
/ 582 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 5020-miami-dolphins-notebook-injury-update-tough-wr-decision-coming-more-324x400.jpg
all-news.co/wp-content/uploads/2021/09/ 31 KB
31 KB 12ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5020-miami-dolphins-notebook-injury-update-tough-wr-decision-coming-more-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 423c2ec0d45d64c11b73ae70f0c6c802cbc6e89acf8eececfdaba95e5b46e1dd

Request headers

:path: /wp-content/uploads/2021/09/5020-miami-dolphins-notebook-injury-update-tough-wr-decision-coming-more-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31592
last-modified: Fri, 17 Sep 2021 20:24:43 GMT
server: cloudflare
etag: "7b68-5cc36b8be05e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCFAvbgvvi2w%2F%2FdGJapp7PyZFk9PYIDMxZT74pr1Tikx1h%2Be7NGJ%2BmKHB1v2wUK2LAhsYu%2F64MwTdDesWVl53bRcanwrImyhxuu0ekuQ7Wh5vqdRJlNJIE5OvOxuty2VCyznoYfK5grryQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae26acc4e55-FRA

GET
H2 200 1cNYsg18Ntl-dLR0EWIlBptOsTN7Mb0i9rJo18o3efQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AFB 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1cNYsg18Ntl-dLR0EWIlBptOsTN7Mb0i9rJo18o3efQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c358b20d7c36d97e74b474116225069b4eb1337b31bd22f6b268d7ca3779f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 15:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13345
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 15:08:38 GMT

GET
H2 200 5036-amari-niblack-set-on-being-the-next-julio-jones.jpg
all-news.co/wp-content/uploads/2021/09/ 24 KB
24 KB 24ms
24ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffcbd2ba45f11350c0023d62d5170688877e6d172e691aa6a8b31af7d95c3b59

Request headers

:path: /wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24185
last-modified: Sat, 18 Sep 2021 20:24:51 GMT
server: cloudflare
etag: "5e79-5cc4ad715e465"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzHc5eaRJRiQm5lntbaDYffZsD8IzkEzafJG4m%2FrMANDf6gWG%2BmaAcWyWEWSJkaCptM1iM3enavsxrh%2Brla4B8RqQ3gkAoHf%2ByrxMD44kl1vtBZDkQAvg74SNVQWQcNIHeTZgn%2FF%2BhnTtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae28ade4e55-FRA

GET
H2 200 5034-scientists-flood-forests-to-mimic-rising-seas-696x464.jpg
all-news.co/wp-content/uploads/2021/09/ 45 KB
45 KB 13ms
13ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5034-scientists-flood-forests-to-mimic-rising-seas-696x464.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7dc9471215ae2041369db90d3dcd77d200d84ddc50800b112d9467071281989

Request headers

:path: /wp-content/uploads/2021/09/5034-scientists-flood-forests-to-mimic-rising-seas-696x464.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46099
last-modified: Sat, 18 Sep 2021 18:24:47 GMT
server: cloudflare
etag: "b413-5cc4929aaa608"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnV5TlIqqMBXXAMvXa73hKZCUMLcr55DdM%2FEEoNPv%2BUvtT1ne0hFvXaEEd%2F9jvcVbhbvjfr1LnvUgM7SA6bqjoCmFb1owTwH5QoBn4J29d7zrmKxsA4mGezhsOCZCL8ma1pPDvNWruUCLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae2aaf24e55-FRA

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CA89 0
0 18ms
18ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210915&jk=875342109524305&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 5032-aston-villa-vs-everton-follow-the-action-live-on-f365-696x696.jpg
all-news.co/wp-content/uploads/2021/09/ 19 KB
19 KB 12ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-696x696.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52135a32eb3498f4d346b887e6addb20e500c18b6a805e528a6dc2f600e5acd0

Request headers

:path: /wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-696x696.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19203
last-modified: Sat, 18 Sep 2021 17:24:51 GMT
server: cloudflare
etag: "4b03-5cc4853540b43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86rVMzecUSyJ6XgZ0lt%2FbcmBEQxEHwlaPbF%2B4wBUGgkJ7oBkQ5I%2Bhj6D639Qnzw0Pqze4jov7MB9uxWXHl0P3P3tBj3yv6Jtngz08e2Zd%2BTSjuiQ6MNga3QfV7NyvmB73LiEVwMCmjnyAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae2db174e55-FRA

GET
H2 200 5030-vikes-griffen-in-protocol-after-deer-causes-wreck-696x392.jpg
all-news.co/wp-content/uploads/2021/09/ 29 KB
29 KB 16ms
16ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-696x392.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef34ef1c8c78e078a94950bffd82badc085a7c08552ea8e8674844d2591428ad

Request headers

:path: /wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-696x392.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29495
last-modified: Sat, 18 Sep 2021 15:28:36 GMT
server: cloudflare
etag: "7337-5cc46b39b2ab1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muvS%2BbD7hD%2BtkTp4TYPMFCqltrGGXJ8i9OXkd9PGdBdCIavHQ9a3fkvUBIxPSb%2BsYSdp0AeH6TSbnIRlO1%2Fdix%2Fs0lNKfjPBSDSuKao4Jvi9mPQK5PIpYBjrL1qN7IyuKTcJOG2Z78gIzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae2fb404e55-FRA

GET
H2 200 5036-amari-niblack-set-on-being-the-next-julio-jones-485x360.jpg
all-news.co/wp-content/uploads/2021/09/ 19 KB
20 KB 18ms
18ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones-485x360.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b17194444264cf4bf96a284e238cd423a9e8d3292ff21f65f0f23483b5df6524

Request headers

:path: /wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones-485x360.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19962
last-modified: Sat, 18 Sep 2021 20:24:51 GMT
server: cloudflare
etag: "4dfa-5cc4ad7181ace"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMa5HzQhIXvEeUB7VtEm3iCyW9XxHdx6fVzmjINw%2BjEmA%2BWL912OKy5JNFWGClTbPguzhFUgmA9vHQf%2FhJx3Ege4dqe1Svj2yNBma7zAPy5z65Rm6saflPDXL8Yr%2FgNTQ8I2Pf6Pqs2APA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae31b584e55-FRA

GET
H2 200 5036-amari-niblack-set-on-being-the-next-julio-jones.jpg
all-news.co/wp-content/uploads/2021/09/ 24 KB
24 KB 13ms
13ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffcbd2ba45f11350c0023d62d5170688877e6d172e691aa6a8b31af7d95c3b59

Request headers

:path: /wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24185
last-modified: Sat, 18 Sep 2021 20:24:51 GMT
server: cloudflare
etag: "5e79-5cc4ad715e465"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yYnpi0pL16Jlmn6aecStFv2a6gqzh2AtVPN98WaHZ1gou6LbG9KITs846ZbDgej70k6ETdN7Vu6WSzscg%2FyfqcHbSukSU6sUqTv2XVNASvAfx99z8anCX5b%2BXKtN7F%2FdQxA22P5YDH1KA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae33b6c4e55-FRA

GET
H2 200 5034-scientists-flood-forests-to-mimic-rising-seas-218x150.jpg
all-news.co/wp-content/uploads/2021/09/ 6 KB
7 KB 12ms
11ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5034-scientists-flood-forests-to-mimic-rising-seas-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbf1ce59496a4fa54ff0a8858d67a1c8c6c0e6def75df545c79d0ac089b69a0d

Request headers

:path: /wp-content/uploads/2021/09/5034-scientists-flood-forests-to-mimic-rising-seas-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 143
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6541
last-modified: Sat, 18 Sep 2021 18:24:46 GMT
server: cloudflare
etag: "198d-5cc492997f0ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZyRlVdCuRSudP3WC49TqaoM5R183xldRdxSmT%2FlfH02y%2FjZ9mSwteJOdDmz474ZPJjqRVJDxrWoyTMP5nXY7myam6iW7cIGT%2FnqEb8fsjE50ySXQxLUddA%2B5aLpT7RGhaXmPQYm%2BYpS%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae33b754e55-FRA

GET
H2 200 5034-scientists-flood-forests-to-mimic-rising-seas-696x464.jpg
all-news.co/wp-content/uploads/2021/09/ 45 KB
45 KB 15ms
15ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5034-scientists-flood-forests-to-mimic-rising-seas-696x464.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7dc9471215ae2041369db90d3dcd77d200d84ddc50800b112d9467071281989

Request headers

:path: /wp-content/uploads/2021/09/5034-scientists-flood-forests-to-mimic-rising-seas-696x464.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46099
last-modified: Sat, 18 Sep 2021 18:24:47 GMT
server: cloudflare
etag: "b413-5cc4929aaa608"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJ4uHDSF2uEE%2Fe5wnj2zCNq4djurXP46RrfRHeRWhekgi7Zb642pn12YVYKuiGgiDFxIw0PmGF5rtpbmVEm4HxeztAncz4N%2BklSTEWT5GF08HVlO%2FHBdejApzrvn8rPbLknGFWTduam9pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae35b844e55-FRA

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 19ms
19ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210915&jk=875342109524305&bg=!Tk2lTQnNAAaUnz4elJ87ACkAdvg8WpWRUV5vVleBVvhl7PFp88hCOtPrALw_mZewcJXs5HZA0G5iTwIAAABoUgAAAA5oAQeZAnam1X9V8Md7HG16YFdLENcGTyoJkOorDPJmNHQcjLRW3dUw6BHGM4Wr8uZCO4hfJC9KvNWfOoOm7vp_Nd7RN6PXHgqs6-VhYL3WkwJaAlYWUBtT7fYlhhcnYRiBYugqvLQvgX6MyDUsgMcxljvm8UBrciaZMemgU1rhZPHKDmqasnWc35o6SPmiDIWuY9yOYkMBDeYnKY_TW0ExS8xvx-bO-VdPHWyF0uEjQFOyE9O-j4K-HoKV2o_SkTFdhLQqjDaUNch5S3RKAcfYcsN2y3EinfMKAgXQpwzOd5mXcucyyZRZtFmEs7ix2Zc1GxZki8r5o1J3qgIEhg8e96xfbEnu3XctvYqv_Dbz_ucKDEz6CjDky2iQrZUvPDJ9G03blcq3AcN4CFynkfvp4JcJRqWsLUPQyZ4R8Ofd5NlaiP8kpaySSXDlp_hUcnh1dY7r8NgepUgWzicQRnKeWclwl-PMiacnOkISpQvmugZHe7tuDFzcTKo5ffaKAR6x2IjAX_d086elVLvOH650zHOCfcSGfjuPIoGLwgeoP77q6sV_RLUgnnmRwuTCAiZtg12T1TyH377Rb5HdkMv2FmaSh4O_APIlcR-5aioO01Mf45w5kFp9My_MBjm4vWFES1bfxUFF0il5MGuuiuuvxFeDT9eNIhl9f4IGlH46LiQltFczwMXTEH4O07bkB6W4wh8qnOYNCwFuryZ4Wq5oReYdwq7qkireC23EdiVkrr2DxI4jdduyMShBJRz77fBWCmf8EEZu77xLzg5EAUCQPHSSvv92ro1nAFhJ9OFZp9VZizpNLpLr41xbQK_KNEQUkVlbeBQNWRNa9Ks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 5032-aston-villa-vs-everton-follow-the-action-live-on-f365-218x150.jpg
all-news.co/wp-content/uploads/2021/09/ 4 KB
4 KB 11ms
11ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6feb91c6ba298350d48575531094fcd32807f61662b2e40f7fb167d0d62faf1

Request headers

:path: /wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4231
last-modified: Sat, 18 Sep 2021 17:24:51 GMT
server: cloudflare
etag: "1087-5cc48535109b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJIq%2BJWq74PRihm0SKao%2FnyyZazAWpTYyrHs6d9zC8T5f8sKHe6EQXwkL4GcbfIRiVSke0W3pSz5RlseDMZ0fyzUM6Anknj4aiN%2BPe0p0SgX3jtpEiVFN7xGUipYOa4QAZeqE%2FNHmwABaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae37b9c4e55-FRA

GET
H2 200 5032-aston-villa-vs-everton-follow-the-action-live-on-f365-696x696.jpg
all-news.co/wp-content/uploads/2021/09/ 19 KB
19 KB 13ms
13ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-696x696.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52135a32eb3498f4d346b887e6addb20e500c18b6a805e528a6dc2f600e5acd0

Request headers

:path: /wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-696x696.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19203
last-modified: Sat, 18 Sep 2021 17:24:51 GMT
server: cloudflare
etag: "4b03-5cc4853540b43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2B396xCa3%2BKwO5gVUWgXwAP%2FxJi%2FZqlxKg92guK5fKSTzV%2FiwEfNAaXxbxZgB7O%2BS5iwI6h%2FeSUb8i7zfPVRcYgsWEsdkezv2v6Gc9n%2F4o0BI%2BKPcY1J8dyos1q7SLkQUHh7n3NwLFGuiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae38bb04e55-FRA

GET
H2 200 5030-vikes-griffen-in-protocol-after-deer-causes-wreck-696x392.jpg
all-news.co/wp-content/uploads/2021/09/ 29 KB
29 KB 13ms
13ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-696x392.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef34ef1c8c78e078a94950bffd82badc085a7c08552ea8e8674844d2591428ad

Request headers

:path: /wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-696x392.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29495
last-modified: Sat, 18 Sep 2021 15:28:36 GMT
server: cloudflare
etag: "7337-5cc46b39b2ab1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9uYWX9IrWYmf4jkq205vlE3mXgwDcQqeMphVnt70%2BGP3e5%2Fdge38OsN9aWpkS%2BKip6e4xptMkJxe7n2XAwmsqsHmIN6P9nEc6%2BOnQDIbh886d6ISY%2FE%2FePkFizgxO87MoF4LSOXKM7YrfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae3abbe4e55-FRA

GET
H2 200 5030-vikes-griffen-in-protocol-after-deer-causes-wreck-218x150.jpg
all-news.co/wp-content/uploads/2021/09/ 6 KB
6 KB 12ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f8d4647750168f167723d7baae004ccad468fe99c57eca3c2f0131feb43011b

Request headers

:path: /wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 141
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6306
last-modified: Sat, 18 Sep 2021 15:28:36 GMT
server: cloudflare
etag: "18a2-5cc46b3991b58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fr8RB3aUiS6QZkcjW%2FlOnj0SALjZ4E%2Blz%2F601HYUkiR%2Bdga8OuuRfH6PrtVknN%2BYwkmFxvWanmFVvoQyGv903zpB%2FLn34Se%2BRDupTYGPuBzU7fS9V8oBN1eYnuj6PNgrdvphuk4H0wEqpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae3bbcd4e55-FRA

GET
H2 200 5036-amari-niblack-set-on-being-the-next-julio-jones-485x360.jpg
all-news.co/wp-content/uploads/2021/09/ 19 KB
20 KB 16ms
16ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones-485x360.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b17194444264cf4bf96a284e238cd423a9e8d3292ff21f65f0f23483b5df6524

Request headers

:path: /wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones-485x360.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19962
last-modified: Sat, 18 Sep 2021 20:24:51 GMT
server: cloudflare
etag: "4dfa-5cc4ad7181ace"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biVA8G1ZGslI3JS85hB%2BZtPA%2BRnair%2FBAl8ZqvzkueSdsH5zMImHm1wZkYXEm4oruALv36OPqu5oJCoEIetHcgXkY2Uz7Cl1FPEwgd2Qq%2FN%2Bzf7MItEknI4OhYY6wHrMUera2hVFLtJC6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae3cbd74e55-FRA

GET
H2 200 5034-scientists-flood-forests-to-mimic-rising-seas-218x150.jpg
all-news.co/wp-content/uploads/2021/09/ 6 KB
7 KB 12ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5034-scientists-flood-forests-to-mimic-rising-seas-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbf1ce59496a4fa54ff0a8858d67a1c8c6c0e6def75df545c79d0ac089b69a0d

Request headers

:path: /wp-content/uploads/2021/09/5034-scientists-flood-forests-to-mimic-rising-seas-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 143
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6541
last-modified: Sat, 18 Sep 2021 18:24:46 GMT
server: cloudflare
etag: "198d-5cc492997f0ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmU%2FStLUv7JBDt%2Bxn%2FMjY1o5NIUls2sFJ1gu7XLyErp%2Fwvhl%2FdARTfkIb9WAwKkQRPJiwzMiopUdvXV0MGau%2FP9WiPOmE6YDFU43cS0t1DhRFAwwU3rH6tJ2Xk2I5AZOBA%2Bo%2B2NRNi6lKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae3fbfe4e55-FRA

GET
H2 200 5032-aston-villa-vs-everton-follow-the-action-live-on-f365-218x150.jpg
all-news.co/wp-content/uploads/2021/09/ 4 KB
4 KB 12ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6feb91c6ba298350d48575531094fcd32807f61662b2e40f7fb167d0d62faf1

Request headers

:path: /wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4231
last-modified: Sat, 18 Sep 2021 17:24:51 GMT
server: cloudflare
etag: "1087-5cc48535109b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQ3ykxuLpkbbJXYZpp9CC5TlM8eopj%2F6Q8%2FjsyS6Rq39iugAJT7lvXBXct2cjLsSm%2FQrykQFa5R2439Txk75zIwAQ7XF7piXmZnq5jMg%2FWwCWg17FgyT5%2B7ydCmp5mMoFoFS5bt%2Fz7Ai6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae42c304e55-FRA

GET
H2 200 5030-vikes-griffen-in-protocol-after-deer-causes-wreck-218x150.jpg
all-news.co/wp-content/uploads/2021/09/ 6 KB
6 KB 14ms
14ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f8d4647750168f167723d7baae004ccad468fe99c57eca3c2f0131feb43011b

Request headers

:path: /wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 141
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6306
last-modified: Sat, 18 Sep 2021 15:28:36 GMT
server: cloudflare
etag: "18a2-5cc46b3991b58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYcq2NwYOVc2LvZZTu6Axp7rLhgi5AdXuI5LJqxVzK6fH5P1bNLDnoapnUEN82rHWGU9bur5eDSlEQqDi3uDMV2ptq7IuC7Si5yAQf8Il84kTxi5KA651M4k0wwtmo66SoioPFYxEs7M7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae46c674e55-FRA

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame A24A 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1965034739&adf=613035099&pi=t.ma~as.9785579158&w=300&lmt=1632012339&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012339416&bpp=1&bdt=1630&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8c755f505fdae66-224b71a438c90003%3AT%3D1632012338%3ART%3D1632012338%3AS%3DALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw&prev_fmts=0x0%2C712x178%2C324x250%2C1600x1200%2C1005x124&nras=3&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1022&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_XV8lAbozukdUFiS-nd5N5rNx3j1O9Mq8D5oz9k5pkWs9-soYLM7KBCaU8yoHXyksuw06-U16djw%2CAGkb-H8gcI8dqe7Bh_BzjSin9SGj_xcQi5yTpsPDWP2VHeBYYxgKhoiumF6DsCgZwbwSGaazwoDX187LL5_lh_Jzuh2JvmSO9TnJKICXTzY&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=LIEvEeJmCL&p=https%3A//all-news.co&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:36:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A24A 128 KB
39 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1631879102694099"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sun, 19 Sep 2021 00:45:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame A24A 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 00:29:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A24A 0
0 15ms
14ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmYTycLO4e9BivQ_NK52yJrvK4tlHH8IfSSn_r7Y5N7b4Wlvu3Jx0qP_qfHEbXo4jIbZ72kljz9YU5crYtYLRsFHmv0w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1965034739&adf=613035099&pi=t.ma~as.9785579158&w=300&lmt=1632012339&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012339416&bpp=1&bdt=1630&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8c755f505fdae66-224b71a438c90003%3AT%3D1632012338%3ART%3D1632012338%3AS%3DALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw&prev_fmts=0x0%2C712x178%2C324x250%2C1600x1200%2C1005x124&nras=3&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1022&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_XV8lAbozukdUFiS-nd5N5rNx3j1O9Mq8D5oz9k5pkWs9-soYLM7KBCaU8yoHXyksuw06-U16djw%2CAGkb-H8gcI8dqe7Bh_BzjSin9SGj_xcQi5yTpsPDWP2VHeBYYxgKhoiumF6DsCgZwbwSGaazwoDX187LL5_lh_Jzuh2JvmSO9TnJKICXTzY&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=LIEvEeJmCL&p=https%3A//all-news.co&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame A24A 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cvv9WM4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSYAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpB-s8Hxr3pR06PgZ4zFbLdxl2ngAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=38c-zrkI1Ys

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1965034739&adf=613035099&pi=t.ma~as.9785579158&w=300&lmt=1632012339&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012339416&bpp=1&bdt=1630&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8c755f505fdae66-224b71a438c90003%3AT%3D1632012338%3ART%3D1632012338%3AS%3DALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw&prev_fmts=0x0%2C712x178%2C324x250%2C1600x1200%2C1005x124&nras=3&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1022&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_XV8lAbozukdUFiS-nd5N5rNx3j1O9Mq8D5oz9k5pkWs9-soYLM7KBCaU8yoHXyksuw06-U16djw%2CAGkb-H8gcI8dqe7Bh_BzjSin9SGj_xcQi5yTpsPDWP2VHeBYYxgKhoiumF6DsCgZwbwSGaazwoDX187LL5_lh_Jzuh2JvmSO9TnJKICXTzY&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=LIEvEeJmCL&p=https%3A//all-news.co&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 19 Sep 2021 00:45:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame A24A 0
0 40ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gdacye9d0j6zn7m3qvp21y09k10jw592nk13x6rbjkrn6645937dsc6sfsgwarmat96tj82gt5r38nr6cvmnke1baqbc80pbtvppv5d21923eagb3bm88p7b269p5fcc0nrxt7jvj0jpj679gz8ybbf8ksb1hyk7cf5m2d2pdm5txbn53m6gcm36edecagqakxajpqjgc7eynq8aqe3arq7p9zrarjfxft2qn0x2x7dd0pm52djdyfsy7kf9dxbtn15p7w62pbmyaq05dw9vbj4nh24t9qbvhe4g18nx68at4dba3rn3qdpfgdr5hfbatm49cdkpsnzcjysdc2jmpxk8yk8y1zv654kap63vn1xc2bey0jzhadv7txgq724pxxd1x1124&b=YUaIMwAGrY0Ke6LRAAuBCF15yG5QJpvD72WCIQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1965034739&adf=613035099&pi=t.ma~as.9785579158&w=300&lmt=1632012339&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012339416&bpp=1&bdt=1630&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8c755f505fdae66-224b71a438c90003%3AT%3D1632012338%3ART%3D1632012338%3AS%3DALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw&prev_fmts=0x0%2C712x178%2C324x250%2C1600x1200%2C1005x124&nras=3&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1022&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_XV8lAbozukdUFiS-nd5N5rNx3j1O9Mq8D5oz9k5pkWs9-soYLM7KBCaU8yoHXyksuw06-U16djw%2CAGkb-H8gcI8dqe7Bh_BzjSin9SGj_xcQi5yTpsPDWP2VHeBYYxgKhoiumF6DsCgZwbwSGaazwoDX187LL5_lh_Jzuh2JvmSO9TnJKICXTzY&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=LIEvEeJmCL&p=https%3A//all-news.co&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 19 Sep 2021 00:45:39 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 99DC 2 KB
2 KB 64ms
32ms Document
text/html 2606:4700:3039::6815:c01b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hx6vja08qfk844s2femnehknbgx7zf18n0e5bf3w5h6g6cg04s9w0pwz7e06xr9pq2brth5tp1vddfnnqws586hc1fwq0w7teswpd39zsmxehc68eq9hbbgw38ytjrd3699yys1rz8hr8tzzq2sefqmjzrm0bhjj4h3dh6xb60qaz0qt7dt6yecf0vd462t0x4rhtj4k45ktp42vmg473bkkeex2yz4t0t6zfmzjs3rz3aaa3gk0a9cv62hgywe9gs5jyys7q9tt1j08na4gj8rnap46xw7f4mk96t1kzjfsvwqfqx8x979zv2r06rtkeczjr5wsxpyycfnk1hvzsk6th2mw7j72be7cgjnffgs241t42q98jb9kkxs8dgkfgk1jrc80kptaah3m8mqkpfh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%26client%3Dca-pub-8439024877331049%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c01b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bf93a3d3f01fc9c14f802fbb57f4793662a4f3d2d9cc285981682dfbf1f7462

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1hx6vja08qfk844s2femnehknbgx7zf18n0e5bf3w5h6g6cg04s9w0pwz7e06xr9pq2brth5tp1vddfnnqws586hc1fwq0w7teswpd39zsmxehc68eq9hbbgw38ytjrd3699yys1rz8hr8tzzq2sefqmjzrm0bhjj4h3dh6xb60qaz0qt7dt6yecf0vd462t0x4rhtj4k45ktp42vmg473bkkeex2yz4t0t6zfmzjs3rz3aaa3gk0a9cv62hgywe9gs5jyys7q9tt1j08na4gj8rnap46xw7f4mk96t1kzjfsvwqfqx8x979zv2r06rtkeczjr5wsxpyycfnk1hvzsk6th2mw7j72be7cgjnffgs241t42q98jb9kkxs8dgkfgk1jrc80kptaah3m8mqkpfh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%26client%3Dca-pub-8439024877331049%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 690ecae4af951786-FRA
content-encoding: br

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9C75 1 KB
868 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 18 Sep 2021 08:58:57 GMT
expires: Sun, 19 Sep 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 56802
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9C75 35 B
464 B 107ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHtNkwri5WU1AjU2UyErcC4&google_cver=1&google_push=AYg5qPJHMzLnU8eYTdMssRBfbgZNI2dY6MX8KzwMUAPN4io4g5EzDtAJPCyXukP-yxELmcNfK69T6ScLeMKjWG1rN4G8l0_Wn8hn

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 00:45:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C75
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIgo3XF...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIgo3XF...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MTkwMDQ1NDAwMDAzMTM0NDczODU1MQ%3D%3D&google_push=AYg5qPIgo3XFAR0y20IBUwmIN5HpKYVPCdaTuVH5KwTqsUGr-pl27vyvUg0enchAxYds_e...

170 B
188 B

17ms
16ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MTkwMDQ1NDAwMDAzMTM0NDczODU1MQ%3D%3D&google_push=AYg5qPIgo3XFAR0y20IBUwmIN5HpKYVPCdaTuVH5KwTqsUGr-pl27vyvUg0enchAxYds_epSupLSWGJX5z8ZsWNyTitDT0vbLT4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 00:45:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MTkwMDQ1NDAwMDAzMTM0NDczODU1MQ%3D%3D&google_push=AYg5qPIgo3XFAR0y20IBUwmIN5HpKYVPCdaTuVH5KwTqsUGr-pl27vyvUg0enchAxYds_epSupLSWGJX5z8ZsWNyTitDT0vbLT4
pragma: no-cache
date: Sun, 19 Sep 2021 00:45:40 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sun, 19 Sep 2021 00:45:40 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C75
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEGU8_8N2p6-mcS3tCOsaQCE&google_cver=1&google_push=AYg5qPJFZG9QatC9nV0rLOq8OASQMVjLL9GcggU8CPtEzLnQGYi93KKAl1iVY2ckg-AJIXqDti-0QZy8dEaC58tex9bWrei0xvj_
https://rtb.openx.net/sync/dds?google_gid=CAESEGU8_8N2p6-mcS3tCOsaQCE&google_cver=1&google_push=AYg5qPJFZG9QatC9nV0rLOq8OASQMVjLL9GcggU8CPtEzLnQGYi93KKAl1iVY2ckg-AJIXqDti-0QZy8dEaC58tex9bWrei0xvj_&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJFZG9QatC9nV0rLOq8OASQMVjLL9GcggU8CPtEzLnQGYi93KKAl1iVY2ckg-AJIXqDti-0QZy8dEaC58tex9bWrei0xvj_&google_hm=fAq86WGhx_8LpFCAIrs9kg==

170 B
329 B

17ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJFZG9QatC9nV0rLOq8OASQMVjLL9GcggU8CPtEzLnQGYi93KKAl1iVY2ckg-AJIXqDti-0QZy8dEaC58tex9bWrei0xvj_&google_hm=fAq86WGhx_8LpFCAIrs9kg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 00:45:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Sep 2021 00:45:39 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJFZG9QatC9nV0rLOq8OASQMVjLL9GcggU8CPtEzLnQGYi93KKAl1iVY2ckg-AJIXqDti-0QZy8dEaC58tex9bWrei0xvj_&google_hm=fAq86WGhx_8LpFCAIrs9kg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: v52augridb5oni190mb9b5jcqpg5ehc6

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C75
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dACp_5QuSJKITopesUZM7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dACp_5QuSJKITopesUZM7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLpa5A7PKyFlcY5dFko7zOefNTDHUB9abG6tm5mDRINwOTaZHKCk1eTABmRaVE64WLIi3AC52Vx6MnyzE9P51hKE-JAT8c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 00:45:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dACp_5QuSJKITopesUZM7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLpa5A7PKyFlcY5dFko7zOefNTDHUB9abG6tm5mDRINwOTaZHKCk1eTABmRaVE64WLIi3AC52Vx6MnyzE9P51hKE-JAT8c
date: Sun, 19 Sep 2021 00:45:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C75
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM5Aq_Nb9fxW0xVJ9PULZqE&google_cver=1&google_push=AYg5qPL-rOqcax712R-XNdi6TgE6P0NBdpfjEddgXAXMjhBzjmOtfzmFX-PcoQNvPkQsnFwyulX...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RRSTBDVkotQS1GOUMz&google_push=AYg5qPL-rOqcax712R-XNdi6TgE6P0NBdpfjEddgXAXMjhBzjmOtfzmFX-PcoQNvPkQsnFwyulXvZCirmfeBo1hNsqtocsXwlaVG

170 B
188 B

18ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RRSTBDVkotQS1GOUMz&google_push=AYg5qPL-rOqcax712R-XNdi6TgE6P0NBdpfjEddgXAXMjhBzjmOtfzmFX-PcoQNvPkQsnFwyulXvZCirmfeBo1hNsqtocsXwlaVG

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 00:45:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RRSTBDVkotQS1GOUMz&google_push=AYg5qPL-rOqcax712R-XNdi6TgE6P0NBdpfjEddgXAXMjhBzjmOtfzmFX-PcoQNvPkQsnFwyulXvZCirmfeBo1hNsqtocsXwlaVG
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 9C75
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10S...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 9C75 43 B
297 B 335ms
20ms Image
image/gif 2a05:d01c:1d8:8102:4225:58c4:d6f3:5063
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBoqOIoqZNXYQPXcdX-B2Ow&google_cver=1&google_push=AYg5qPIIB4x-qQSxkcu371Q9J_hJo2rsEQxobcGqvH_A_4AWr3sFjdr2T9FVnhx5i8SEgKC1c-o38E_s_JdkV06ilq0mlSY8dtxQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=9785579158&adk=1965034739&adf=613035099&pi=t.ma~as.9785579158&w=300&lmt=1632012339&psa=1&format=300x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632012339416&bpp=1&bdt=1630&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd8c755f505fdae66-224b71a438c90003%3AT%3D1632012338%3ART%3D1632012338%3AS%3DALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw&prev_fmts=0x0%2C712x178%2C324x250%2C1600x1200%2C1005x124&nras=3&correlator=1865723874444&frm=20&pv=1&ga_vid=1571109946.1632012338&ga_sid=1632012338&ga_hid=1941979421&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1022&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_XV8lAbozukdUFiS-nd5N5rNx3j1O9Mq8D5oz9k5pkWs9-soYLM7KBCaU8yoHXyksuw06-U16djw%2CAGkb-H8gcI8dqe7Bh_BzjSin9SGj_xcQi5yTpsPDWP2VHeBYYxgKhoiumF6DsCgZwbwSGaazwoDX187LL5_lh_Jzuh2JvmSO9TnJKICXTzY&pvsid=875342109524305&pem=72&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=LIEvEeJmCL&p=https%3A//all-news.co&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:4225:58c4:d6f3:5063 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 00:45:40 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9C75 0
253 B 67ms
15ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_xbTzbaZI5Q5yxU0gATM0-l6OIK8-p-IMhKTW5RFC_X09sthK2f1aqzElqe5w8rbFemk9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame A24A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b172c6d64723e1614cf1f5277f58603383d6cc24ca605047bb73937051a61bf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.8/one-ad/ Frame 99DC 64 KB
8 KB 20ms
19ms Stylesheet
text/css 2606:4700:3039::6815:c01b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hx6vja08qfk844s2femnehknbgx7zf18n0e5bf3w5h6g6cg04s9w0pwz7e06xr9pq2brth5tp1vddfnnqws586hc1fwq0w7teswpd39zsmxehc68eq9hbbgw38ytjrd3699yys1rz8hr8tzzq2sefqmjzrm0bhjj4h3dh6xb60qaz0qt7dt6yecf0vd462t0x4rhtj4k45ktp42vmg473bkkeex2yz4t0t6zfmzjs3rz3aaa3gk0a9cv62hgywe9gs5jyys7q9tt1j08na4gj8rnap46xw7f4mk96t1kzjfsvwqfqx8x979zv2r06rtkeczjr5wsxpyycfnk1hvzsk6th2mw7j72be7cgjnffgs241t42q98jb9kkxs8dgkfgk1jrc80kptaah3m8mqkpfh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%26client%3Dca-pub-8439024877331049%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c01b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hx6vja08qfk844s2femnehknbgx7zf18n0e5bf3w5h6g6cg04s9w0pwz7e06xr9pq2brth5tp1vddfnnqws586hc1fwq0w7teswpd39zsmxehc68eq9hbbgw38ytjrd3699yys1rz8hr8tzzq2sefqmjzrm0bhjj4h3dh6xb60qaz0qt7dt6yecf0vd462t0x4rhtj4k45ktp42vmg473bkkeex2yz4t0t6zfmzjs3rz3aaa3gk0a9cv62hgywe9gs5jyys7q9tt1j08na4gj8rnap46xw7f4mk96t1kzjfsvwqfqx8x979zv2r06rtkeczjr5wsxpyycfnk1hvzsk6th2mw7j72be7cgjnffgs241t42q98jb9kkxs8dgkfgk1jrc80kptaah3m8mqkpfh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 291300
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Sep 2021 15:50:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 690ecae4ffb41786-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 99DC 36 KB
13 KB 44ms
19ms Script
application/javascript 2606:4700:3039::6815:c01b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hx6vja08qfk844s2femnehknbgx7zf18n0e5bf3w5h6g6cg04s9w0pwz7e06xr9pq2brth5tp1vddfnnqws586hc1fwq0w7teswpd39zsmxehc68eq9hbbgw38ytjrd3699yys1rz8hr8tzzq2sefqmjzrm0bhjj4h3dh6xb60qaz0qt7dt6yecf0vd462t0x4rhtj4k45ktp42vmg473bkkeex2yz4t0t6zfmzjs3rz3aaa3gk0a9cv62hgywe9gs5jyys7q9tt1j08na4gj8rnap46xw7f4mk96t1kzjfsvwqfqx8x979zv2r06rtkeczjr5wsxpyycfnk1hvzsk6th2mw7j72be7cgjnffgs241t42q98jb9kkxs8dgkfgk1jrc80kptaah3m8mqkpfh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c01b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Sun, 19 Sep 2021 00:45:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67045
x-guploader-uploadid: ADPycdt1KKgT1vZCtYlUIGWAIOoWV9UUbDXlVCzZUH_H2oBvFz0T1QBM6tJfGlmMK9ZEmDe9MGu0TPFCcflr3i9wLm3IFyGkDw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 05:18:43 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ks%2FtgouboMa2s5f1eBOPlbRhqT2tjUup0zW%2BKZidF02No2ZLTRetjTMKyIX3%2FDG%2FBZ8yeRdRPZJdhGG89xIezncKe5sUwNl465imsB9bxlKF48s6Yl0TUMzMmqId9Zga4yIoGtI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1630387096547004
content-type: application/javascript; charset=utf-8
expires: Sat, 18 Sep 2021 06:08:15 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 690ecae51fcd1786-FRA
cf-bgj: minify

GET
H2 200 5036-amari-niblack-set-on-being-the-next-julio-jones-324x400.jpg
all-news.co/wp-content/uploads/2021/09/ 19 KB
19 KB 18ms
17ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones-324x400.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1ce7615f599f8dc5600c5335cd8e81b0982e05946f646bf12b846e4bc018c5

Request headers

:path: /wp-content/uploads/2021/09/5036-amari-niblack-set-on-being-the-next-julio-jones-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19526
last-modified: Sat, 18 Sep 2021 20:24:51 GMT
server: cloudflare
etag: "4c46-5cc4ad7179216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uf4Xewxjuk92of%2B8%2BOxDg%2BOpNNkrUWq%2FXtPT9uVtWI4SrkwSmBLeHz9I%2FWNBbSpDGWZB4aaUYuI1gz2%2FVx3jH2DO%2BXkSdWoGXYbFX0SShwV5QiX12TGhgQffGPPF6o6yzfNJ1jbQC34QXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae4fcdb4e55-FRA

GET
H2 200 5032-aston-villa-vs-everton-follow-the-action-live-on-f365-324x400.jpg
all-news.co/wp-content/uploads/2021/09/ 8 KB
8 KB 16ms
16ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-324x400.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d344d22787e95dcd2d7f9009d837443b5c0e1e60a2b5a0a7e5e80f405983a31f

Request headers

:path: /wp-content/uploads/2021/09/5032-aston-villa-vs-everton-follow-the-action-live-on-f365-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8211
last-modified: Sat, 18 Sep 2021 17:24:51 GMT
server: cloudflare
etag: "2013-5cc4853519271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHmdiF7yTTy1d%2Fw51O8tWwM%2FQTjyf51ZxuHBR%2BkVYmI3BdmLBJPKkwMXEMpSxZZ0Z5vim8RTpuyZR02V70F5lQlBitT6D%2FdWNJu2in4uYJX%2Fj1U0%2Bc1k5CzFNwd3fYZEwdUA6Spq1jquUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae4fce04e55-FRA

GET
H2 200 5030-vikes-griffen-in-protocol-after-deer-causes-wreck-324x400.jpg
all-news.co/wp-content/uploads/2021/09/ 23 KB
23 KB 18ms
18ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-324x400.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f413a90fb9fa4b649ed4e52a2c80a1dddcf6701e646b6edbd2d9b7e4641048

Request headers

:path: /wp-content/uploads/2021/09/5030-vikes-griffen-in-protocol-after-deer-causes-wreck-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 143
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23064
last-modified: Sat, 18 Sep 2021 15:28:36 GMT
server: cloudflare
etag: "5a18-5cc46b3999c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKSD0SEAl2b3RSeTVSJ28MKhpi36mBUVeIonArqPGYObmeNe7B0NQovrFQBdomcbRAX7ofGUbxFGz4DqmkyrIXurmJTMyXN0MdDHUGUdF88e9MUAFO91h82jJQ%2BFhEHxn8em%2Bj8wOJTw2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae4fce14e55-FRA

GET
H2 200 5020-miami-dolphins-notebook-injury-update-tough-wr-decision-coming-more-324x400.jpg
all-news.co/wp-content/uploads/2021/09/ 31 KB
31 KB 19ms
18ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/09/5020-miami-dolphins-notebook-injury-update-tough-wr-decision-coming-more-324x400.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 423c2ec0d45d64c11b73ae70f0c6c802cbc6e89acf8eececfdaba95e5b46e1dd

Request headers

:path: /wp-content/uploads/2021/09/5020-miami-dolphins-notebook-injury-update-tough-wr-decision-coming-more-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.1571109946.1632012338; _gid=GA1.2.560830841.1632012338; _gat=1; __gads=ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 145
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31592
last-modified: Fri, 17 Sep 2021 20:24:43 GMT
server: cloudflare
etag: "7b68-5cc36b8be05e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TT6MGFerbF5U2AlKhZE1yMSNjCxcsKkQQFWyETMVo99R1S8sHXnUTS5qvd0C0Bit%2FObC%2FesKpekEJWSWsb8ySz10pJGWZKUyI4DNM%2BhQ5cVxv0erzFDqIZ7BLWm50mcUmC42teHrPBJmUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 690ecae4fce24e55-FRA

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 93C8 42 B
174 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTlE-am6VpwoFy93e0rnDy6NEmnl-8PB6549OnuEqQMq8kJL3fh8WT-1q088HmBR5NUkXtE6upG6Cz2xVGqbBgocIoFmRE5eT__cxm0E4z57bTj27BjQ&sai=AMfl-YQjXurlABa9xALPoTLz_RMOejSGq0q4ztok9V1emmxO4i8hLuHLQl-Om1s38lkMMLejx223WI35houW&sig=Cg0ArKJSzK9rRybnR2jhEAE&id=lidar2&mcvt=1001&p=56,586,234,1298&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210917&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1170913138&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632012338224&rpt=771&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 00:45:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 99DC 3 KB
4 KB 40ms
12ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sun, 19 Sep 2021 00:45:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512745
x-guploader-uploadid: ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLQmiCZVS2t6TqtRtStifPKqkn4lfSPtofgkGNZKAGH4eA35RieaeI62CXJ5KaleqleeQRk3SRhDNRIMOz9WRiRPFx9UzVEQUNg1UM%2BQWNDIu5qSu%2FYTJPk8Mluw30CFWI7bS%2B61MbHo62o74Y8Vw9aD"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 690ecae57b485be9-FRA
expires: Tue, 13 Sep 2022 02:19:55 GMT

GET
H2 200 frame.html Show response
ad4m.at/ Frame FAFE 2 KB
1 KB 319ms
17ms Document
text/html 2606:4700:3039::6815:c01b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c01b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sun, 19 Sep 2021 01:45:40 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2173781
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BWXydgJsjfHJW4lxYkyqUjxdJRgY28UBMgm84Ylz6TncaOo7tcWVB41NoaCpluZRRdqmA4PMXwuAcFiNTwr2WEnejZhtnoEQqEyMTblPPQVwvZOw8qIN0wI7U1Co9oAG5oJzSg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 690ecae729431786-FRA
content-encoding: br

POST
H2 200 rs Show response
ad4m.at/ Frame 99DC 1 KB
1 KB 26ms
26ms XHR
text/plain 2606:4700:3039::6815:c01a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c01a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4a28b813ef4e35fbf71e0d34b5cd561da333640838320b8ffe0f93295fbde63

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 690ecae7af105b8c-FRA
date: Sun, 19 Sep 2021 00:45:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LU%2B6ijELBA%2BMrCQ2MP4PVCyLuyV1pCrgt2au0b31HEKHxE3dkEcawm9Wpf0GORBU%2FDKc1J2crKrmZIsJiGpLbTjUmzf9arEQMRC8dRcm85vVM8XnM559cKi6oO1dnjF4tl0CJeo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-ms1b

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 38ms
22ms Preflight
text/plain 2606:4700:3039::6815:c01a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Server: 2606:4700:3039::6815:c01a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-ms1b
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzMhhhEenep5gBij1j1JzPhk%2FzZriKtMVfsZNq1ZRxwJqrza9bBDngx0BoWy7cCCZXT%2B2N4DDLBANw%2FanOokVo9ugIk9rtSN%2FFRvNURGoZoqAvd8S%2F7MwPhXzrgWSN7Z%2BJYqPng%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 690ecae77ee45b8c-FRA

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 0394 6 KB
4 KB 20ms
20ms Document
text/html 2606:4700:3039::6815:c01b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTj&g=90f45ded034c8ca1497ebafc311858af%2F16139477276612589375&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632012340436&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1js7gjfk4zs00x2g0z29ceqkkxhhjgcf7jp8ps4ed2g7abw4jyw84a2qfv7tvpjgydpv23x4nk67qysjdx2bmhhmb5wje0pf71mtdffbf23z15zmw1mpz2pjdfe1k844m8npxyqgxz5ey5hcsx1dq1entyh1kgdz8wxbf1vkw5e3vh5pp8m97rcgt20p1xhznn9jqbn3ttq9zvy4ecc7bqh0ezs3dmp8vhf1v8e5tand8sc0sgy51pjk6h1jfmxk28mb6ph9ezv84%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c01b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b75de40ee8b40f54e726e1a947c359625abc9a5d60f17b11db7af38712cfeafe

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTj&g=90f45ded034c8ca1497ebafc311858af%2F16139477276612589375&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632012340436&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1js7gjfk4zs00x2g0z29ceqkkxhhjgcf7jp8ps4ed2g7abw4jyw84a2qfv7tvpjgydpv23x4nk67qysjdx2bmhhmb5wje0pf71mtdffbf23z15zmw1mpz2pjdfe1k844m8npxyqgxz5ey5hcsx1dq1entyh1kgdz8wxbf1vkw5e3vh5pp8m97rcgt20p1xhznn9jqbn3ttq9zvy4ecc7bqh0ezs3dmp8vhf1v8e5tand8sc0sgy51pjk6h1jfmxk28mb6ph9ezv84%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1hx6vja08qfk844s2femnehknbgx7zf18n0e5bf3w5h6g6cg04s9w0pwz7e06xr9pq2brth5tp1vddfnnqws586hc1fwq0w7teswpd39zsmxehc68eq9hbbgw38ytjrd3699yys1rz8hr8tzzq2sefqmjzrm0bhjj4h3dh6xb60qaz0qt7dt6yecf0vd462t0x4rhtj4k45ktp42vmg473bkkeex2yz4t0t6zfmzjs3rz3aaa3gk0a9cv62hgywe9gs5jyys7q9tt1j08na4gj8rnap46xw7f4mk96t1kzjfsvwqfqx8x979zv2r06rtkeczjr5wsxpyycfnk1hvzsk6th2mw7j72be7cgjnffgs241t42q98jb9kkxs8dgkfgk1jrc80kptaah3m8mqkpfh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%26client%3Dca-pub-8439024877331049%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hx6vja08qfk844s2femnehknbgx7zf18n0e5bf3w5h6g6cg04s9w0pwz7e06xr9pq2brth5tp1vddfnnqws586hc1fwq0w7teswpd39zsmxehc68eq9hbbgw38ytjrd3699yys1rz8hr8tzzq2sefqmjzrm0bhjj4h3dh6xb60qaz0qt7dt6yecf0vd462t0x4rhtj4k45ktp42vmg473bkkeex2yz4t0t6zfmzjs3rz3aaa3gk0a9cv62hgywe9gs5jyys7q9tt1j08na4gj8rnap46xw7f4mk96t1kzjfsvwqfqx8x979zv2r06rtkeczjr5wsxpyycfnk1hvzsk6th2mw7j72be7cgjnffgs241t42q98jb9kkxs8dgkfgk1jrc80kptaah3m8mqkpfh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%26client%3Dca-pub-8439024877331049%26adurl%3D

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 690ecae7d99b1786-FRA
content-encoding: br

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.8/one-ad/ Frame 0394 64 KB
8 KB 25ms
25ms Stylesheet
text/css 2606:4700:3039::6815:c01b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTj&g=90f45ded034c8ca1497ebafc311858af%2F16139477276612589375&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632012340436&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1js7gjfk4zs00x2g0z29ceqkkxhhjgcf7jp8ps4ed2g7abw4jyw84a2qfv7tvpjgydpv23x4nk67qysjdx2bmhhmb5wje0pf71mtdffbf23z15zmw1mpz2pjdfe1k844m8npxyqgxz5ey5hcsx1dq1entyh1kgdz8wxbf1vkw5e3vh5pp8m97rcgt20p1xhznn9jqbn3ttq9zvy4ecc7bqh0ezs3dmp8vhf1v8e5tand8sc0sgy51pjk6h1jfmxk28mb6ph9ezv84%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c01b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTj&g=90f45ded034c8ca1497ebafc311858af%2F16139477276612589375&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632012340436&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1js7gjfk4zs00x2g0z29ceqkkxhhjgcf7jp8ps4ed2g7abw4jyw84a2qfv7tvpjgydpv23x4nk67qysjdx2bmhhmb5wje0pf71mtdffbf23z15zmw1mpz2pjdfe1k844m8npxyqgxz5ey5hcsx1dq1entyh1kgdz8wxbf1vkw5e3vh5pp8m97rcgt20p1xhznn9jqbn3ttq9zvy4ecc7bqh0ezs3dmp8vhf1v8e5tand8sc0sgy51pjk6h1jfmxk28mb6ph9ezv84%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 291300
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Sep 2021 15:50:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 690ecae809c81786-FRA
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 0394 18 KB
19 KB 57ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTj&g=90f45ded034c8ca1497ebafc311858af%2F16139477276612589375&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632012340436&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1js7gjfk4zs00x2g0z29ceqkkxhhjgcf7jp8ps4ed2g7abw4jyw84a2qfv7tvpjgydpv23x4nk67qysjdx2bmhhmb5wje0pf71mtdffbf23z15zmw1mpz2pjdfe1k844m8npxyqgxz5ey5hcsx1dq1entyh1kgdz8wxbf1vkw5e3vh5pp8m97rcgt20p1xhznn9jqbn3ttq9zvy4ecc7bqh0ezs3dmp8vhf1v8e5tand8sc0sgy51pjk6h1jfmxk28mb6ph9ezv84%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270589
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu91ozDDBO-OxE9hT5NLbrDLRkUzcgNFzAAcgO7tWSU-CoEfm_iU7M34qxhikbD5su6fT9nLS4suAnbUBAgv6O9-dS7Kw
x-goog-storage-class: MULTI_REGIONAL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZwXKMuN8XSfsOEXsRB6iY3mgA8mhHNASp6LD5MIicHDARNDp6wLasH9IwdY5nVmlcLR79ZT%2BFpXapjOoHujFjczEvI0GHXK7078sb3dFznnduiQfOX41ziqIjJJgsyoUxVMLQQXzRAnUE5Y"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18872
cf-ray: 690ecae83f160614-FRA
expires: Mon, 20 Sep 2021 00:45:40 GMT
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
x-goog-generation: 1589805029334103
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Length
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 0394 2 KB
2 KB 56ms
28ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTj&g=90f45ded034c8ca1497ebafc311858af%2F16139477276612589375&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632012340436&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1js7gjfk4zs00x2g0z29ceqkkxhhjgcf7jp8ps4ed2g7abw4jyw84a2qfv7tvpjgydpv23x4nk67qysjdx2bmhhmb5wje0pf71mtdffbf23z15zmw1mpz2pjdfe1k844m8npxyqgxz5ey5hcsx1dq1entyh1kgdz8wxbf1vkw5e3vh5pp8m97rcgt20p1xhznn9jqbn3ttq9zvy4ecc7bqh0ezs3dmp8vhf1v8e5tand8sc0sgy51pjk6h1jfmxk28mb6ph9ezv84%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 268888
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtOI0T_daCpgEvxMvS9WlIgm2C91e0wYYaZBLYAGkP2RBEn5Lhp0rGaZyuo2bFpBMvOPcQ4APO8wR2lCr8-PX4
x-goog-storage-class: MULTI_REGIONAL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vc0ya7eSbi95h4y7DvQ9Ab%2FIwyizwD76Z8goP67ACXZSUyaZ%2F9B%2BbzoMF%2B%2B1tze%2BGCQu0xEG4GgnPf8WL99Yqn%2BCEx6VVq%2BCbRKNs7TOjvPvvrQBVs3C5SeCfxclYrxgNd9w%2FowXAX2tfwdG"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1598
cf-ray: 690ecae83f170614-FRA
expires: Mon, 20 Sep 2021 00:45:40 GMT
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
x-goog-generation: 1611162235947637
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Length
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0394 43 B
702 B 79ms
37ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuid0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTjasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Sep 2021 00:45:40 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 0394 38 KB
39 KB 57ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTj&g=90f45ded034c8ca1497ebafc311858af%2F16139477276612589375&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632012340436&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1js7gjfk4zs00x2g0z29ceqkkxhhjgcf7jp8ps4ed2g7abw4jyw84a2qfv7tvpjgydpv23x4nk67qysjdx2bmhhmb5wje0pf71mtdffbf23z15zmw1mpz2pjdfe1k844m8npxyqgxz5ey5hcsx1dq1entyh1kgdz8wxbf1vkw5e3vh5pp8m97rcgt20p1xhznn9jqbn3ttq9zvy4ecc7bqh0ezs3dmp8vhf1v8e5tand8sc0sgy51pjk6h1jfmxk28mb6ph9ezv84%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270011
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdtC-jkUVngn1thPEZRp4Dw4PEFsKJXlA_rf-t6nbyARurYpbjwx5BGRSL9KHNPDBCzwTjYuRQ9foA5moGSImZ8
x-goog-storage-class: MULTI_REGIONAL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D23LJgup6D4BSugNfkO1%2B4cSatoIZpgrHkEMEXoGrlzthqcr7RHP31fH2DFo3zK1G1xzKpvw5hWbd%2BpD44cfwJt09e43a1ZxCgojSBKp1L%2FGls%2Bih%2BQ%2F2iN5ZH13V3MjtSGkw5m9z4IAf89O"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39202
cf-ray: 690ecae83f190614-FRA
expires: Mon, 20 Sep 2021 00:45:40 GMT
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
x-goog-generation: 1579698701189315
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Length
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 0394 113 KB
114 KB 41ms
14ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTj&g=90f45ded034c8ca1497ebafc311858af%2F16139477276612589375&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632012340436&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1js7gjfk4zs00x2g0z29ceqkkxhhjgcf7jp8ps4ed2g7abw4jyw84a2qfv7tvpjgydpv23x4nk67qysjdx2bmhhmb5wje0pf71mtdffbf23z15zmw1mpz2pjdfe1k844m8npxyqgxz5ey5hcsx1dq1entyh1kgdz8wxbf1vkw5e3vh5pp8m97rcgt20p1xhznn9jqbn3ttq9zvy4ecc7bqh0ezs3dmp8vhf1v8e5tand8sc0sgy51pjk6h1jfmxk28mb6ph9ezv84%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 511083
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtM8VdpscN8mFC_dguLmkEvZf-foWZ7An4rlhm4xtLD4B3B_12C1YxNxU96XDD2o6GM7xm-oZYnVvNXg3Lla6s
x-goog-storage-class: MULTI_REGIONAL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUXziygciSRL0io270ddI41PIZvhi7O7cWvykpbj7W7Q0zrvMQIzRA0vQF3PFlCh8hmHSXJzDeEE588z58al9eU6Y%2FFdX%2BrFsn6f3kTDjdUhxMDaEqsRxqaRYOCK5k2Z2A9U7r2o29ECXEWt"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 115268
cf-ray: 690ecae83f1a0614-FRA
expires: Mon, 20 Sep 2021 00:45:40 GMT
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
x-goog-generation: 1572342177666668
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Length
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0394 43 B
703 B 76ms
34ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuid0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTjasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Sep 2021 00:45:40 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 0394 8 KB
9 KB 56ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTj&g=90f45ded034c8ca1497ebafc311858af%2F16139477276612589375&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632012340436&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1js7gjfk4zs00x2g0z29ceqkkxhhjgcf7jp8ps4ed2g7abw4jyw84a2qfv7tvpjgydpv23x4nk67qysjdx2bmhhmb5wje0pf71mtdffbf23z15zmw1mpz2pjdfe1k844m8npxyqgxz5ey5hcsx1dq1entyh1kgdz8wxbf1vkw5e3vh5pp8m97rcgt20p1xhznn9jqbn3ttq9zvy4ecc7bqh0ezs3dmp8vhf1v8e5tand8sc0sgy51pjk6h1jfmxk28mb6ph9ezv84%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 511085
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdv0eiJaweJapldq9CtdzK6CjTrssM6NPLNST-SFO3WeEJ5GC8dfb3iXtnqL68PV5IrKxAvgMXIStzhy67NHuFI
x-goog-storage-class: MULTI_REGIONAL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuDiSgfzh%2B%2FStqhxYLTXKD17i%2BbJxnI0eN36vQP7KD5xr%2BETJwcQL935Q9K2Q8CvrF9Y%2BkPoSVbISReFHnnRwd0dea8guxJ0128ofmi1S8AKu9h%2BfnKfVR%2FFcy77hUkfbc6oHBXNSFQzH3Nw"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8354
cf-ray: 690ecae83f1b0614-FRA
expires: Mon, 20 Sep 2021 00:45:40 GMT
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
x-goog-generation: 1579698787150900
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Length
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame 0394 35 KB
35 KB 53ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTj&g=90f45ded034c8ca1497ebafc311858af%2F16139477276612589375&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632012340436&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1js7gjfk4zs00x2g0z29ceqkkxhhjgcf7jp8ps4ed2g7abw4jyw84a2qfv7tvpjgydpv23x4nk67qysjdx2bmhhmb5wje0pf71mtdffbf23z15zmw1mpz2pjdfe1k844m8npxyqgxz5ey5hcsx1dq1entyh1kgdz8wxbf1vkw5e3vh5pp8m97rcgt20p1xhznn9jqbn3ttq9zvy4ecc7bqh0ezs3dmp8vhf1v8e5tand8sc0sgy51pjk6h1jfmxk28mb6ph9ezv84%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 00:45:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 267156
cf-polished: qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid: ADPycdu-0WT6edproJqElGVLeaWkOgPjS-Max0P5DFr90LBG8IS6Fim5eQMJ2tWp20YNbsmfZ7pd7d40FCQy14_XCMQ
x-goog-storage-class: MULTI_REGIONAL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSGJR5cddomgrbdvWhiM382IS9Frb%2BAecxPWQikyPjeMtubJD9i3RF1wDJhknUKBrkl80ImznqQgeiLJJMbMdEHR99ZWMjYla5%2BDle%2F96CGYhZY1RYv%2BA5tMonz08T6sOfCLDG7lYOViat3m"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35504
cf-ray: 690ecae83f1c0614-FRA
expires: Mon, 20 Sep 2021 00:45:40 GMT
last-modified: Wed, 19 Feb 2020 17:37:15 GMT
server: cloudflare
etag: "9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
x-goog-generation: 1582133835673152
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Length
cache-control: public, max-age=86400
x-goog-stored-content-length: 40264
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 0394
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMrMz97nifMCFVbhuwgdC2YJmQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuid0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTjasuid__dc_reach_suite02wkz&gdpr_cons...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1632012340_e9d26cc0-18e2-11ec-8a78-692d0556460e

0
518 B

57ms
12ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1632012340_e9d26cc0-18e2-11ec-8a78-692d0556460e
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=0TH52g4QjB1JP5WRCrdzV3wjDPcAYWTj&g=90f45ded034c8ca1497ebafc311858af%2F16139477276612589375&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632012340436&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1js7gjfk4zs00x2g0z29ceqkkxhhjgcf7jp8ps4ed2g7abw4jyw84a2qfv7tvpjgydpv23x4nk67qysjdx2bmhhmb5wje0pf71mtdffbf23z15zmw1mpz2pjdfe1k844m8npxyqgxz5ey5hcsx1dq1entyh1kgdz8wxbf1vkw5e3vh5pp8m97rcgt20p1xhznn9jqbn3ttq9zvy4ecc7bqh0ezs3dmp8vhf1v8e5tand8sc0sgy51pjk6h1jfmxk28mb6ph9ezv84%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCP747M4hGYY3bGtHF7gOIgq6oAZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAhhDKdW4q7M-qAMBqgSbAU_QtQ0FrLsADljJO3UE-U8o9pazGek55k7Wh2loMMnPhHCmXAK3bpKfrl9WetCiF98CbgW3tkElUcCwqcwRSAR1NoaD5xFg-r1rra9m61Sn1S_THERnf2o3w3jg-bXAOItopWKDZl6X76C37tWZB1bmzf2yyseTf6MGj3U2orK8VJrc0DpBuM0KVGo8wA5HBtalz_tPNGSzcSQGgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03wPgR0AsDizrdsTqfemQT7GDXdg%252526client%25253Dca-pub-8439024877331049%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Sep 2021 00:45:40 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sun, 19 Sep 2021 00:45:40 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1632012340_e9d26cc0-18e2-11ec-8a78-692d0556460e
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A24A 42 B
108 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgEXv11W3ZrMJ4W2wMaDfxdO2eM96clWLmpvE-nVrbGUameBQr3XQ4vFofUn2g9BGWD9bv2KAqV9MRQheY5nYN5A&sig=Cg0ArKJSzE5uaA2r3OsvEAE&cid=CAASF-RoQMHuPRkPM3pXTSeUUr3J9endKRJf&id=lidar2&mcvt=1000&p=863,1022,1113,1322&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210917&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1965034739&rs=2&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632012339422&rpt=542&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 00:45:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.all-news.co/	1970-01-20 14:51:24	Name: _ga Value: GA1.2.1571109946.1632012338
.all-news.co/	1970-01-19 21:21:38	Name: _gid Value: GA1.2.560830841.1632012338
.all-news.co/	1970-01-19 21:20:12	Name: _gat Value: 1
.all-news.co/	1970-01-20 06:41:48	Name: __gads Value: ID=d8c755f505fdae66-224b71a438c90003:T=1632012338:RT=1632012338:S=ALNI_MaDC8IMxoWie9LXkzGH1CiJPRdjnw
all-news.co/	1970-01-20 06:05:48	Name: cookielawinfo-checkbox-necessary Value: yes
all-news.co/	1970-01-20 06:05:48	Name: cookielawinfo-checkbox-non-necessary Value: yes
.doubleclick.net/	1970-01-20 06:41:48	Name: IDE Value: AHWqTUkAU-yvWVa10t9BGF5-4FqejUpxJCeDbXauw4K0V9HZRE_s6n8sUCNsmzvXhEE
.doubleclick.net/	1970-01-19 21:20:15	Name: DSID Value: NO_DATA
.openx.net/	1970-01-20 06:05:48	Name: i Value: 70f0098c-61a0-4126-b706-d4df958534d5\|1632012339
.pubmatic.com/	1970-01-19 21:21:38	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-19 23:29:48	Name: KADUSERCOOKIE Value: 7400A9FF-942E-4892-884E-8A5EB1464CEE
.quantserve.com/	1970-01-19 23:29:48	Name: d Value: EBgBCQGkJIEA
.quantserve.com/	1970-01-20 06:50:26	Name: mc Value: 61468834-07f3b-3db62-5b880
.casalemedia.com/	1970-01-20 06:05:48	Name: CMID Value: YUaINPwoZWW1fu0kTg5t2AAA
.casalemedia.com/	1970-01-19 23:29:48	Name: CMPS Value: 5229
.casalemedia.com/	1970-01-19 23:29:48	Name: CMPRO Value: 1190
.casalemedia.com/	1970-01-19 21:21:38	Name: CMST Value: YUaINGFGiDQA
.e.dlx.addthis.com/	1970-01-20 06:50:26	Name: na_tc Value: Y
.innovid.com/	1970-01-19 23:29:48	Name: uuid Value: 0cb433a8-a5d1-4be1-8397-d532dbb3d98a-20210918 20:45:40
.addthis.com/	1970-01-20 06:50:26	Name: na_id Value: 2021091900454000031344738551
.addthis.com/	1970-01-20 06:50:26	Name: na_tc Value: Y
.addthis.com/	1970-01-20 06:50:26	Name: uid Value: 61468834a1161a1b
.addthis.com/	1970-01-20 06:50:26	Name: ouid Value: 614688340001aff9aa85bf7ec7ebb34ec534121ee4c6f376c334
.dlx.addthis.com/	1970-01-19 22:03:24	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-19 22:03:24	Name: na_sr Value: 20210919
.dlx.addthis.com/	1970-01-19 21:20:12	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-19 22:03:24	Name: na_sc_e Value: 0
.awin1.com/	1970-01-19 21:23:05	Name: awpv11830 Value: 412871\|1632012340\|e9c72220-18e2-11ec-a1d8-692d067fb68d
.awin1.com/	1970-01-19 21:30:17	Name: awpv14098 Value: 412871\|1632012340\|e9c79750-18e2-11ec-8a78-692d0556460e
.awin1.com/	1970-01-19 21:30:17	Name: awpv11938 Value: 412871\|1632012340\|e9d26cc0-18e2-11ec-8a78-692d0556460e
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-19 21:30:24	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1632012340_e9d26cc0-18e2-11ec-8a78-692d0556460e%22%2C%22sp%22%3A%22awin%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUaINPwoZWW1fu0kTg5t2AAABKYAAAAB&google_cver=1&google_gid=CAESEL_2kJwB-RjObTsnHRaQBVE&google_push=AYg5qPJ6GP6PxisvmG9nn_SKQNJZnKcYmW10SbUR8oo0kY4sPGEih2pakjIL4kg0HcDvuVYiIn2fwx9zc75gIkD3tIaH0lASPuk Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.se
ag.innovid.com
all-news.co
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cdn.onesignal.com
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
static-de.ad4mat.net
stats.g.doubleclick.net
storage.googleapis.com
tpc.googlesyndication.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
104.111.215.191
104.111.239.217
134.119.194.231
142.250.181.226
142.250.186.102
148.251.139.77
172.217.16.130
185.64.189.115
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:3032::ac43:8293
2606:4700:3039::6815:c01a
2606:4700:3039::6815:c01b
2606:4700::6812:e134
2606:4700::6812:e234
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2004
2a00:1450:4001:801::2010
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c07::9c
2a05:d01c:1d8:8102:4225:58c4:d6f3:5063
35.186.253.211
69.173.144.165
0021fcf6011bbb68d059ae5ebda2cc09c8bee217a8b65868072cd991b8e5e564
01aac0274e3a992241baf24243554ed23ac5e9760de3b7ab78f0138910e37b05
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
038be0b60446470d8b157d17a63efadcacbcf2691dfc70e0f47c3854f60674ac
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e
0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
12ec05507a15fd8b35ff248204c99aa76b1ae894fd4559a3385072599644f9d1
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1f8d4647750168f167723d7baae004ccad468fe99c57eca3c2f0131feb43011b
231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a
24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26fb4bebfdde8d8ddc949041d94643fb3f1d14a99f43a6f5f2d1cbd8f9bad20a
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2c1fa0e08a46f56229c148528d8fa0e4ee5d950c4bd097bdab4b7935e7b8d1f8
2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
32b47a3ee3ee877ea3de7f07c5e523d503c4144599479d967ddb9a32ded8957f
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
335f0f351fdaa87818993ad5ae0c6b59faa42ce90c97c6ca3f653057da7b0735
416b14dfa5938018e98069c1d0547adc3fc79a256762eb67a825ce6fb4462077
423c2ec0d45d64c11b73ae70f0c6c802cbc6e89acf8eececfdaba95e5b46e1dd
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
48760d29d10bc648d24c47f5dc9d8776980574563aca98f71ebbb9ce77323f9e
49beb700d387c742e63bdbe609124f2cb157fb3d008d8a8dda9b72efc730c859
4b874445c1c5f287cca4f88a9b939270676c7ad03c9c7209a33a5907ae731fe0
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51d0e85097a841f69894079309ad6368bb01eb0a51411d8cf61038a7fcc49a51
52135a32eb3498f4d346b887e6addb20e500c18b6a805e528a6dc2f600e5acd0
534047d152df49b3ea66735a76a84aeaa993e3d193e8dff1daf39aff2d5fa43c
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d12411c852fcc11ebba43ff3acf0e5eb913439df6684cf56b4b85b0be15cef1
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
655e629b9417fa0b28009b49f5fa20c397c889ad4a83d664e3a3fc110a329041
6956cbfddf2ce28aee043ecd2b7dbc3ada3954646d7009c6dd1b5ca173f136f9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bbd33699a44514373f2c019844adf69e8f02fe660a54215e725071f9fe7e750
6bf93a3d3f01fc9c14f802fbb57f4793662a4f3d2d9cc285981682dfbf1f7462
6f8303bb870db3bc3af5b70fcefacf6dbdb9a79ed0ae08b59aab86b44d506d78
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
730a42a7c6e3a903b95f415359bb560282542bed2f264c95aee21e0e132e70d7
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
808fa266ffd5666e6ecbff99004bc49617c77cc4287880af64ddf3875022d128
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
86f413a90fb9fa4b649ed4e52a2c80a1dddcf6701e646b6edbd2d9b7e4641048
89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308
8a5a8396abf78790c1831c48ac3abb959821f8c99aa2a37151e3d1594f8b1c93
8abf96a942db307ad109c07911387cc201ec0907ad3a323f960a383788be0c72
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8e8b8ead59fbb432ee08c70140d8cd6e5309d6c75595fa56ca68c38bad613731
8f1ce7615f599f8dc5600c5335cd8e81b0982e05946f646bf12b846e4bc018c5
90076c521da0725b47f6c146c70f0372a2bc3477f88a6c39159e070ac5cd06c2
90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6
90e37206ec638101401c17bb4eba2bebbf52828095a2669e670778e88399e9a7
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9638ef2571f3789e83422ba28634f88da60685243594568acbcdd5e4ac3d9023
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a22f85f1a257dfe812b91e347ffff79eee4cff5eb89f0b429a32ae1ab96d8adc
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a28b813ef4e35fbf71e0d34b5cd561da333640838320b8ffe0f93295fbde63
a4b3d5c81fb072231513c1463ad8abbf44d731ac51595c302edd83d12be65499
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b17194444264cf4bf96a284e238cd423a9e8d3292ff21f65f0f23483b5df6524
b172c6d64723e1614cf1f5277f58603383d6cc24ca605047bb73937051a61bf0
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b70aa192cf670ffbccd24885ff71e159e03c809b890abe15e74cce9f497dd8e5
b75de40ee8b40f54e726e1a947c359625abc9a5d60f17b11db7af38712cfeafe
b7dc9471215ae2041369db90d3dcd77d200d84ddc50800b112d9467071281989
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c518ad5d0adbc0754bac8b71c958312a6bd77d4e318500fec44d929e00f857ec
c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1affc9ba26acca966d316f61f00df19bf4f7dd07b346ac985f3dac2204ae46e
d344d22787e95dcd2d7f9009d837443b5c0e1e60a2b5a0a7e5e80f405983a31f
d5c358b20d7c36d97e74b474116225069b4eb1337b31bd22f6b268d7ca3779f4
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbf1ce59496a4fa54ff0a8858d67a1c8c6c0e6def75df545c79d0ac089b69a0d
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e11358f81905fda56213119d8d9a1076ec679d26ad3f9ad82c0091024a7a1408
e28dc99a44f9223de4aaddda23e96fbb1e0437ec4a9cc4bd5364aea14ec46f59
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e474232bb61c9508ea9b39001f7c785f8734030f7e4287f9a7d2b1c9e7ce5cb6
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e6feb91c6ba298350d48575531094fcd32807f61662b2e40f7fb167d0d62faf1
e8ae14082f4d2088f2bcc4f8e3da3955343dd1e39e0a5f9333c45d6428c3cfc5
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
ebf28e5b73db0fb701054f34a66660878904f6ebc511167a9e0c32777cd1609a
ee41ee9d7153c868320389f164b3e6d6e631c368121e2d6eecedd5393b24bcce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34ef1c8c78e078a94950bffd82badc085a7c08552ea8e8674844d2591428ad
f4eb1a83d03b84f8a87f0aacefce3a5124642219ca4a08ceb3ae926b00fdde91
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff39c520170d9bca043dffc9bfc40731db14b45d7c3283d9832952d3c8ecb0e4
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75
ffcbd2ba45f11350c0023d62d5170688877e6d172e691aa6a8b31af7d95c3b59

all-news.co Open in urlscan Pro 2606:4700:3032::ac43:8293 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

189 Requests

99 %HTTPS

70 %IPv6

21 Domains

32 Subdomains

28 IPs

5 Countries

2569 kBTransfer

6379 kBSize

32 Cookies

4 Outgoing links

Page URL History

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

all-news.co Open in urlscan Pro
2606:4700:3032::ac43:8293 Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

99 %
HTTPS

70 %
IPv6

21
Domains

32
Subdomains

28
IPs

5
Countries

2569 kB
Transfer

6379 kB
Size

32
Cookies

189 HTTP transactions
4 data transactions