www.officenewz.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://malingindia.com/ems/index.php/campaigns/ht799ntqvkf88/track-url/rf857nosd86c1/c8e8839d3fd0d6ab6ecca201fd00d857fc...
Effective URL:
https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-st...
Submission: On July 14 via manual (July 14th 2023, 8:55:53 am UTC) from US — Scanned from DE

Summary HTTP 193 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 193 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.officenewz.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 24th 2023. Valid for: a year.

This is the only time www.officenewz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.56.94.62 45.56.94.62	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
42	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100::1735:28c2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
5 7	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
50	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
193	20

1 45.56.94.62 (Fremont, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li896-62.members.linode.com

malingindia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.officenewz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:28c2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

images.news18.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	1 MB
42	officenewz.com www.officenewz.com	484 KB
26	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	289 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com	350 KB
9	google.com 5 redirects adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	393 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	9 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	442 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1623 www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 4878	84 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	63 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4752	409 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	607 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2002	1 KB
1	news18.com images.news18.com — Cisco Umbrella Rank: 93514	163 KB
1	malingindia.com 1 redirects malingindia.com	588 B
193	16

	Domain	Requested by
50	tpc.googlesyndication.com	googleads.g.doubleclick.net www.officenewz.com tpc.googlesyndication.com pagead2.googlesyndication.com
42	www.officenewz.com	www.officenewz.com
25	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.officenewz.com googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	www.officenewz.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	fonts.gstatic.com	fonts.googleapis.com
8	www.gstatic.com	googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
7	www.google.com	5 redirects www.officenewz.com tpc.googlesyndication.com
7	fonts.googleapis.com	www.officenewz.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.googletagmanager.com	www.officenewz.com www.googletagmanager.com
3	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	netdna.bootstrapcdn.com	www.officenewz.com netdna.bootstrapcdn.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	www.google.de	www.officenewz.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	secure.gravatar.com	www.officenewz.com
1	images.news18.com	www.officenewz.com
1	malingindia.com	1 redirects
193	21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
in.pinterest.com
www.instagram.com
plus.google.com
hindi.officenewz.com
us.officenewz.com
www.news18.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-24` - `2024-03-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
images.news18.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Frame ID: 36CA85761803213B2AD45772C34D5AB0
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Frame ID: B25D69028FC64C6DB0FB9BF9E8460A2C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&adk=1812271804&adf=3025194257&lmt=1689324944&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943395&bpp=104&bdt=273&idt=667&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1529038258519&frm=20&pv=2&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=723
Frame ID: 2CB7915D8A45A39FEEC3B5304227734A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755
Frame ID: 1F93931C7F6E4BB7D42B1A72E9DBD927
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1119697868&adf=301666733&pi=t.ma~as.9475764773&w=691&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=691x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943703&bpp=38&bdt=580&idt=594&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=132&ady=2986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3AeUaTyysr&p=https%3A//www.officenewz.com&dtd=600
Frame ID: 08BE0E7A47FD6A0530E2E7E5E13C9852
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=9475764773&adk=3525961715&adf=1277868683&pi=t.ma~as.9475764773&w=300&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943853&bpp=26&bdt=730&idt=469&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C691x280&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=853&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=q2TaVP6MkZ&p=https%3A//www.officenewz.com&dtd=486
Frame ID: 5FB1B8C9161FEA0C7920CC048ECAA647
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=1636380777&adk=1147478793&adf=2472227065&pi=t.ma~as.1636380777&w=300&lmt=1689324944&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943955&bpp=5&bdt=832&idt=418&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1200&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=nDhWUGiTiD&p=https%3A//www.officenewz.com&dtd=443
Frame ID: 5476D402A23C2D3CC351639611773048
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=9475764773&adk=3525961715&adf=1277868683&pi=t.ma~as.9475764773&w=300&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943853&bpp=26&bdt=730&idt=469&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C691x280&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=853&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=q2TaVP6MkZ&p=https%3A//www.officenewz.com&dtd=486
Frame ID: 9758A00B469513E828DE2B55058C1CEE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=1636380777&adk=1147478793&adf=2472227065&pi=t.ma~as.1636380777&w=300&lmt=1689324944&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943955&bpp=5&bdt=832&idt=418&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1200&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=nDhWUGiTiD&p=https%3A//www.officenewz.com&dtd=443
Frame ID: E3E09966BDDD7AF517DE650A71E82D64
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1215408410&adf=1100620743&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943964&bpp=6&bdt=841&idt=510&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=nOr3rVQxaK&p=https%3A//www.officenewz.com&dtd=515
Frame ID: EE6FDADE0F4F632A07840CA1151FE870
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: 04DD22DA124EEE41DD3C212937FC8F82
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: F52A75D455174DAA2DD2686B5E91189D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/728x90.html
Frame ID: 634A671DAE8D9641ACD16A6C1477029E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2A6DD96C38C6985A12553071DD050811
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D51367EF9736DF9AC8AF4075B034A489
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 928F697F6473910D782CF987A6A60027
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 400A97C5061E62AF8A3C3A8C2E2CE9DC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 45CBA4245C5F524F20F7296854405B1C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 449A7A26F080FBE2E7BE99183135DD02
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html
Frame ID: 946C543A5DD0453493FBA82D2F9F113F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D33122C269ECC62C236678A2D8FB38FD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DC2F481FCAA21316BB0B65AD28BFB4A0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 392ED9797C35EF082FA15B9F94E8C316
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 35A635A23167507A87D97D40310A9D17
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 7005A645225F6CFCE72D90B73E0FFE5E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CB7F616D3475A0E5F97925BC625A68BD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9386D755E105F0A2F4791D1FBA31B9C8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Income Tax Refund: Now, Quickly Check Your Tax Refund Status In Simple Way; A Step-By-Step Guide – Latest News Headlines l Politics, Cricket, Finance, Technology, Celebrity, Business & Gadgets

Page URL History Show full URLs

https://malingindia.com/ems/index.php/campaigns/ht799ntqvkf88/track-url/rf857nosd86c1/c8e8839d3fd0d6... HTTP 301
https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-sim... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

193
Requests

99 %
HTTPS

95 %
IPv6

16
Domains

21
Subdomains

20
IPs

4
Countries

3547 kB
Transfer

8061 kB
Size

11
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/OfficeNewz/

Search URL Search Domain Scan URL

URL: https://twitter.com/newzoffice

Search URL Search Domain Scan URL

URL: https://in.pinterest.com/officenewz/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/officenewz/

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/1/113810971465015833138

Search URL Search Domain Scan URL

URL: https://hindi.officenewz.com/
Title: हिन्दी

Search URL Search Domain Scan URL

URL: https://us.officenewz.com/
Title: US

Search URL Search Domain Scan URL

URL: https://www.news18.com/business/tax/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide-8283613.html
Title: News18

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://malingindia.com/ems/index.php/campaigns/ht799ntqvkf88/track-url/rf857nosd86c1/c8e8839d3fd0d6ab6ecca201fd00d857fcb1a1e8 HTTP 301
https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 146

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 150

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 159

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 181

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 182

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

193 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Redirect Chain

https://malingindia.com/ems/index.php/campaigns/ht799ntqvkf88/track-url/rf857nosd86c1/c8e8839d3fd0d6ab6ecca201fd00d857fcb1a1e8
https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

125 KB
22 KB

176ms
111ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f92dfcb7eb348582c2b8951adb31c7f55b1f11e9d2d6f751850f2e287d096eed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8845
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e688c5dd9bf1ca9-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 14 Jul 2023 08:55:43 GMT
link: <https://www.officenewz.com/wp-json/>; rel="https://api.w.org/" <https://www.officenewz.com/wp-json/wp/v2/posts/147387>; rel="alternate"; type="application/json" <https://www.officenewz.com/?p=147387>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIP6wcEeZykqhDJHt1%2BuJ5PEZ7vULGxL3Zpx05LiXIaG2b%2B0Noc3Md5hq7W%2F%2Beoq%2F9hbe6YPkqIDYBC8KPJZ%2B83PI4VfgXWaUAdN1avAvhIIMzlY7Z383bnX6qP595Vog6qr6qgRCJnVFtpEN3Dnt3w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 varnish (Varnish/6.1)
x-pingback: https://www.officenewz.com/xmlrpc.php
x-varnish: 178662049 172124046
x-varnish-cache: HIT
x-varnish-ttl: 5554.694

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Jul 2023 08:52:21 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Fri, 14 Jul 2023 08:52:21 GMT
Location: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Pragma: no-cache
Server: Apache
X-Powered-By: PHP/7.2.24
X-XSS-Protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 146ms
70ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3108489590390600

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b9d19e30258db9f050f9347a68b17ca8d734448e9499c0e0e917892fb132375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officenewz.com/
Origin: https://www.officenewz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50908
x-xss-protection: 0
server: cafe
etag: 6329680593424366687
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:55:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
87 KB 115ms
39ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-50RQT34CCD

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffafe82253a25e01fcbc7ac66aa82fbf08208d29876d706056124faede2fe13a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88903
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jul 2023 08:55:43 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 138ms
89ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a57c63d92cf903a205f248115324f57c90a5f9e4a800f1a00a685c14a1ac74da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50882
x-xss-protection: 0
server: cafe
etag: 5032437314497033016
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:55:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
48 KB 44ms
37ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-102452714-2

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

207462218be622970d19183d841132a0408f8af7de0deb69f8f0b18fabf63f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jul 2023 08:55:43 GMT

GET
H2 200 style.min.css
www.officenewz.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 52ms
47ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 09:57:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2325294
etag: W/"642e9773-17ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxMy%2Flu7zSFT7gKUn%2BWy2vaJQ4RmIxIDDRpIcy4Mv25O3Mw5PYKWk62eTxGhbomld0IylOS3kLc9gcnr6MjLJoCVcxnxPUhmnXnqanZz%2FcRrAIy7Zg4YlVkQyGyEqicB%2BGUSkZ6wCVqkMB5tHwhD8lo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e688c5eaad51ca9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
www.officenewz.com/wp-content/plugins/contact-widgets/assets/css/ 30 KB
7 KB 37ms
32ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/plugins/contact-widgets/assets/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03dd4b22b7c6c6841f1df803d60d9a56a0b794c8f28b71705dfbb4ad052538d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 16 Nov 2019 05:03:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8500785
etag: W/"5dcf8318-777f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXj9FU4vYYmnpMGB1eRVMNrmN7nY1O1l2enK%2BqYfe39GOtcTJfBlq2uFtVBpai8oacflYU98LMmep0uIYBp5N6GS%2BEslG%2BtR9WFnQZW%2Bljpt6Dqz%2BVonVvYOz8SwgG9qW6CpK2sQ5kTfkbkb2ZXvBlE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e688c5eaad71ca9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 classic-themes.min.css
www.officenewz.com/wp-includes/css/ 291 B
567 B 50ms
45ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 09:57:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2325293
etag: W/"642e9773-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6kqInI6PZTjsnNnKJBFf8H%2Fpt3hH6QMoiaAWgmm38LP%2F7BgWOibGIXLzxk3S26CWkxEom5ec7I4e3mk2KsNKq8fJfA%2FAp4L2P1ALKHJDcM9PNzZWBq4087xvwwa8fGcvNYbvZjvRRJwAGHV%2FHkhHh8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e688c5eaad81ca9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 score-style.css
www.officenewz.com/wp-content/plugins/mvp-scoreboard/css/ 58 B
443 B 34ms
29ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/plugins/mvp-scoreboard/css/score-style.css?ver=6.2.2
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b3aa1ac355445043a17071f96e373137ae3203b05c43faa2595003555dcae9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Apr 2018 11:06:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2325294
etag: W/"5adc6cb5-3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HStYOjKsNMT2cBoOj6fZj6o5WB4fWGDs65rivsuLJLtYNlfuAxcRY4IinYBZc%2BE2uA07%2BDu3rvwe88xtaQAVK%2B5V22UrmKd89EXLOrsh9ETAfHcK%2BfVPYvR1lAaYq2AbP3py2TlUkVvl1pXtXMZssCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e688c5eaad91ca9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 public.min.css
www.officenewz.com/wp-content/plugins/source-affix/assets/css/ 190 B
450 B 48ms
43ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/plugins/source-affix/assets/css/public.min.css?ver=2.0.5
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6416173db010b2ea633566aeea00b741dad219d12846e2409202a9594a8db34c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 10:03:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2328654
etag: W/"648d84de-be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUHM2GlPjcluwhl89apPZ%2BqmqfYtR%2FedQK498i9K5ZMV%2BKOjLnhPI14Q5ogEU6chlaKCHahsQ9Zb6AeKYaRqI1HKq02V3SzIVOAUdqsSnTjdHMkIetVrwHqFlkXJUiTNCfiUzrdK6bSaaPNXHyLJj5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e688c5eaadb1ca9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 reset.css
www.officenewz.com/wp-content/themes/flex-mag/css/ 1 KB
893 B 81ms
77ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/themes/flex-mag/css/reset.css?ver=6.2.2
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Apr 2018 11:05:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2325294
etag: W/"5adc6c6e-434"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cACUzuoV3sd7bqWqJe9ySdCPA352LXl0IU42CTpw8sFFreDZtLoWvugtCMPFqskEUrWSvxTqBQDtSN39Jp%2F2Tyun7X3mjj4wZsqiC4z90qlRmaj9SPzHsfpEqTVxtWH3BecHLf3xhtzayKo6DmMhwgg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e688c5eaadc1ca9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ 37 KB
8 KB 120ms
32ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css?ver=6.2.2

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 4763006
cdn-cachedat: 05/01/2023 15:46:09
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"c495654869785bc3df60216616814ad1"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: fcb4dc52bcc887e8b7b83a16a3e1354a
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7e688c5f38c99b76-FRA
cdn-requestpullsuccess: True

GET
H2 200 style.css
www.officenewz.com/wp-content/themes/flex-mag/ 92 KB
16 KB 43ms
39ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/themes/flex-mag/style.css?ver=6.2.2
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa5065ea0977320077a8ea25eeed60f3b0b30abd1e15f9c6d81e6243961e0815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Apr 2018 11:05:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2325293
etag: W/"5adc6c6e-16e47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ef3AZXWD%2FC%2BN46E0mfS78biO4TT5mqmTZNPZP9OjnKYf2WvRB65Fi675ihgSJZXj%2FNH0j8qA1uTU%2F35aAVx5z73zYLgi3UuwyHaliZCZk2x%2BuXluutc44ZS9AQYVkOnhKF5cWYA8FI3%2FLGzvroMmhaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e688c5eaadd1ca9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 media-queries.css
www.officenewz.com/wp-content/themes/flex-mag/css/ 91 KB
10 KB 45ms
41ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/themes/flex-mag/css/media-queries.css?ver=6.2.2
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Apr 2018 11:05:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2325294
etag: W/"5adc6c6e-16af9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DHX6hZBdB6iyaEWmnsmyDob62JIaED3oF5tFwfptWSVaVaJEbCp%2BpCYET%2By3BMbNP3zZRQ%2BQOMc4YnvbL46DtHFNckbwOU3GA3jPYtvwndcnT8kvzHvZg%2BLftRzpwwpA%2FT5zmQ7uejQ%2Byry26tsD0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e688c5eaade1ca9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
www.officenewz.com/wp-includes/js/jquery/ 88 KB
32 KB 82ms
79ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 09:57:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2325294
etag: W/"642e9773-15ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2%2Fv8HGA2mGpDBbF3haudRD1rHDBq%2BAuKd2iubr1PszBPbx1Bpas%2BPVMMe8yUN5lX%2BmM6LGcU0WyvttJObxsY73tq2nFbqtWpr8Lpey1T6VRuObawxWshXmitkF6MROiUWMnHPS%2Bbzg4G5TYxnoyago%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e688c5eaadf1ca9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.officenewz.com/wp-includes/js/jquery/ 13 KB
5 KB 38ms
34ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 09:57:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6603372
etag: W/"642e9773-3470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5aVCGVIFWJxgu%2BsrOYBXJiynvbRVW%2BsttZ1QsecvN%2B4oRRgbzKNlVk%2FG5rnIk378%2BkB9I9gpTceRU6pVhRaHhcbKEWHe6l9ZccVA7yqyE9CdHKhBXiCJbujXaVOccxqJLvGeIRYhk2Pg1Sgq%2FkJlew%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e688c5eaae01ca9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
70 KB 54ms
47ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2K7D21X7VX

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a13ca0331b4d76861951b80ada10a8071b4e2d1f9407e38390ff392817ab71d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71121
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jul 2023 08:55:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 53 KB
2 KB 112ms
40ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

532491cd25fc1b4c407d008b8314961b3b14f057c44f7b15bddacbae1378f3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 08:55:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jul 2023 08:55:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 80ms
73ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3108489590390600&host=ca-host-pub-2644536267352236

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5d753089ae6bdebf39c738d8328385bb35cfc0e0f09af329b8c943737e6089d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officenewz.com/
Origin: https://www.officenewz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50848
x-xss-protection: 0
server: cafe
etag: 18134866876702198672
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:55:43 GMT

GET
H3 200 officenewz-logo_vr2-1.jpg
www.officenewz.com/wp-content/uploads/2021/05/ 21 KB
21 KB 55ms
50ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2021/05/officenewz-logo_vr2-1.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d643f2ebea27fbd24e299bf426f5f145da9162612cfc32521fecd43df75572

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1849026
alt-svc: h3=":443"; ma=86400
content-length: 21348
last-modified: Tue, 25 May 2021 10:36:29 GMT
server: cloudflare
etag: "60acd32d-5364"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wssv9mij0Jpe5rp4ylci%2Ffb%2F3%2BK%2FPHAHygoweiL6WuTmmz1ENw3Y%2Bd7neWu84iNurrwFp5gSu9mCwk0cpUg4t3EauZHYKq%2FSibb%2F8PTv4I6%2FZxlXmHZjmQ5IKfpSMkCQIuwahf46KbFhunthHZqNVOU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c60e8182bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tax-refund.jpg
www.officenewz.com/wp-content/uploads/2023/06/ 49 KB
50 KB 136ms
131ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2023/06/tax-refund.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fabf81f862d38c081c4fd81eaa53d4b49bfa6ad3222932f564354db82cccb3d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Jun 2023 06:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64802196-c5be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfHRgcEIOd6Zl4G0xR9V8Q%2BwaE7aoawGKzoNIRQHHW7vyqCpORuJMtk%2FkubgsiqE8nCa19hlcgIRUQGpToVrz3phe2wJtrwYEFYyK%2BWwHQBt8%2BtFukbzdjkxoVcQAjmVlnFHDhPpy87repB56JyF4Ok%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c60e8192bfa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 50622
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 income-tax-refund.jpg
images.news18.com/ibnlive/uploads/2023/07/ 162 KB
163 KB 1333ms
1227ms Image
image/jpeg 2a02:26f0:3100::1735:28c2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news18.com/ibnlive/uploads/2023/07/income-tax-refund.jpg?impolicy=website&width=0&height=0

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

efed8117b5a3710f3c20afa0d4d955c41d16e82d995f2f02e6b18d3cd6855ece

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
last-modified: Sat, 08 Jul 2023 09:23:23 GMT
etag: "64a92b0b-2885b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-headers: *
content-length: 165979
expires: Sun, 13 Aug 2023 08:55:44 GMT

GET
H3 200 email-decode.min.js Show response
www.officenewz.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 23ms
23ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.officenewz.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Jul 2023 15:32:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a82ff0-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zOQe1MbtreIY6vnDFmCMkRIGZhSwQ6ec4%2B44gf0P8M2Jz0XhcTrntl8XCEItaZ4FLkVgb9Mins%2BdwkZndGPWNXeR%2FfZ3wbId%2FiMMJEe7KrMf%2BFQDpTbHmJmYDlGRgMB83sgubDLoYrAsecW1v7ap6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7e688c60afc42bfa-FRA
expires: Sun, 16 Jul 2023 08:55:43 GMT

GET
H3 200 OfficeNewzlogo_vr1.png
www.officenewz.com/wp-content/uploads/2021/08/ 13 KB
13 KB 101ms
97ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2021/08/OfficeNewzlogo_vr1.png
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1a3f0ba14a3a1c8856cef9ebac408ebd8a8ca0e9d5786cc4e0b023d72c2a736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7283080
alt-svc: h3=":443"; ma=86400
content-length: 13283
last-modified: Tue, 03 Aug 2021 11:48:34 GMT
server: cloudflare
etag: "61092d12-33e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruke2Xq4Z1rgAeQpzijfKl63NNwb%2FkdYtcs29Lfy3IwXsUlFCrIrbn3ri%2B%2B3sP4K96tDzj5BrStK6zh74Rd5jbqQsY9yefanH5e8JQKw%2BSIftADlYXsbsdnGvDbOuSCV4xSWcTRY2I1mn%2FwB8O4oNZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c60e81a2bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 comment-reply.min.js Show response
www.officenewz.com/wp-includes/js/ 3 KB
2 KB 28ms
27ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-includes/js/comment-reply.min.js?ver=6.2.2
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 09:23:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2318258
etag: W/"63049c75-ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tQMT2MNQ1NmJHqFa8xVI8bUYRhlZBZD7HHZNFwXIIlBGE%2F8xxBNFn2QZYnNJ5mm9T2yd4vgWTy3Yn6hyeztkSJvc%2By7NpAnaEA19gSi%2FqfjZ1dlj5fqSQn7WMfYwc6oNgBatJ%2B%2F5n9nEDKisE%2F7qHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e688c60afc72bfa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 score-script.js Show response
www.officenewz.com/wp-content/plugins/mvp-scoreboard/js/ 795 B
859 B 32ms
30ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/plugins/mvp-scoreboard/js/score-script.js?ver=6.2.2
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bc6e28f1351c482cea5842a10ce0a213a13cb7b648f63099a7e6c26fafeb575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Apr 2018 11:06:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2318258
etag: W/"5adc6cb5-31b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4MgWq0WClqjRME%2FVY6O71GnCc%2F7X3dljoZnEDPFxNxrsJRRpyW8jJZy8fXEwtizd%2F0vrJ8yvok0DTJHOKK9ycjQdEuIVEfDBrsbLFzhGPzKocspXoHJCVXfrzgj6zLvrKMQw9U82wh%2FYMQBi1sEJoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e688c60d8032bfa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 theia-sticky-sidebar.js Show response
www.officenewz.com/wp-content/plugins/theia-sticky-sidebar/js/ 14 KB
4 KB 37ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.6.3
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf56b29f6caf555878527c99f255af107d0dce8a4db1ecec6911b2e0b1ca12c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Apr 2018 11:07:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 29938
etag: W/"5adc6cd4-3921"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtleZ1BvUmtTEGojQMWNCtVnUqxhPMdzTbyov%2FIDiWut9CzJV4Fj%2BGDdqErYVBypo%2B7r6%2BeonzdsAJXDc%2FlRGI0kr9%2Bj5DTvCDaPOrioyfPiWEJEEQAWVLFN7tf26rlSYrjBV7rT7W8qrtosLO9829c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e688c60e80a2bfa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 main.js Show response
www.officenewz.com/wp-content/plugins/theia-sticky-sidebar/js/ 435 B
673 B 34ms
27ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.6.3
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Apr 2018 11:07:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 30213
etag: W/"5adc6cd4-1b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCA4qyFAEfk9gOXCHau8sWTIgNuoWmQRDWXcr4gfObN0Ymnq3u%2FlvnfI5DvJIMdQ8CEdtp%2FisJW8%2FFipQ%2BWmS868IynNoaMn3TAmtK6wy%2FLd9wO%2BVeqCZG2KGRvjwteO6GiKff3WW0uzuVrTgTfe71o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e688c60e80d2bfa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 scripts.js Show response
www.officenewz.com/wp-content/themes/flex-mag/js/ 142 KB
35 KB 58ms
52ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/themes/flex-mag/js/scripts.js?ver=6.2.2
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Apr 2018 11:05:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26447
etag: W/"5adc6c6e-237aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAUKUPqj0uIKk2hlsEebSyoXJvBXIz3dxt5b%2F246KxZUU%2FMAY0TrAo7LpXy9lFib1qMAUHLOMJr5vnH63YK5ugXa6%2FwQCrmPMLtTv%2BeAS6U1JUHMEXOGvw3Y7Wch0FRveS%2BLM1uqO%2BiuGC%2BtBstmmZk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e688c60e80f2bfa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.infinitescroll.min.js Show response
www.officenewz.com/wp-content/themes/flex-mag/js/ 21 KB
12 KB 38ms
32ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/themes/flex-mag/js/jquery.infinitescroll.min.js?ver=6.2.2
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Apr 2018 11:05:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2318258
etag: W/"5adc6c6e-54c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB3MfhtzpA2g9QRbskXs5P6YsXaH5feiRP%2FMLraj1SALCXPsKaXjqs6eRkTk1UJW1ZqAY6PuHjkTtJMGVBAND5pjNK7zYesOBbeCTFoSJuvImSmcian7KSw%2F51MwtiDEnnxHhMYHQ9bhKNnH%2BfbmlO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e688c60e8112bfa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 autoloadpost.js Show response
www.officenewz.com/wp-content/themes/flex-mag/js/ 24 KB
8 KB 83ms
77ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/themes/flex-mag/js/autoloadpost.js?ver=6.2.2
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f986fc5267e837b7f9a51b4775dbef0fb6bd7f327796a0ccfa17c4cacf0b41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Apr 2018 11:05:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2320626
etag: W/"5adc6c6e-61c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJRuhXs%2FB1%2BYcTH8fPdxzwMJXyvTydzpaIJ4I7dAyyFFfLwy7dAgyDv4ImHfD3%2FuNHzZO79f%2FLrEyHUGZFqss2TUXtQXXRKsTRKMWLAkfBEXa4krP0UDP9cV3TG8V2XHbXWPKkeWpDlBZ7F5RKPhbQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e688c60e8122bfa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 retina.js Show response
www.officenewz.com/wp-content/themes/flex-mag/js/ 3 KB
2 KB 54ms
49ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/themes/flex-mag/js/retina.js?ver=6.2.2
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Apr 2018 11:05:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 30033
etag: W/"5adc6c6e-c20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vkHRGFPBjablfBIFlzz4bSM01frw790IvQ6bVmx0Yj8jvmssaPkj4mdY9Q7LWHXDN9ET%2FMjdn55Qj2FHFz8siwOPohYmp5c0uW6i1IhNyvv8FZy%2FkdBISkH4Pl29lAiBWNmuIXvClr7D%2FpGMgilhWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e688c60e8162bfa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 akismet-frontend.js Show response
www.officenewz.com/wp-content/plugins/akismet/_inc/ 10 KB
3 KB 103ms
98ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1688208887
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Jul 2023 10:54:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 29946
etag: W/"64a005f7-29ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZkvQhBPaJyVS%2FEf9Gl8qEZ1VRZlPvnDKHuMtcH9Lc%2FjLinvg5Tqvtn3RrWtf1f5ECZFh9bT%2FoXLRhZSmMekX6MlYD%2B6A%2BJeIEek73c2VqOoR7qubvCKCLXU3psRGe1pqhYLanvkivKt8vdTByBjP5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e688c60e81b2bfa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.officenewz.com/wp-includes/js/ 18 KB
5 KB 104ms
99ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officenewz.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 09:57:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2303219
etag: W/"642e9773-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xRPOIA75QH1UAz9GrxoJ8haYpt9RtoG9VkOdSHEHLsvTN1HIqDnq0L8LrD8Pa%2BxOSDZ%2BcYKInUyZWPRYB3gUKo8%2BeTtCOttneJ74AEbjGfuULNxpkGkUKKycue6Lresmc2PubmfTPSAAZ0Brjk7GKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e688c60e81d2bfa-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ 356 KB
122 KB 141ms
94ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3108489590390600&plah=www.officenewz.com&bust=31076126

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3108489590390600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

545bfd8b2f6cdff3bee2b882cd30c9bc1c824640269ec75d644ee1bfab178455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125350
x-xss-protection: 0
server: cafe
etag: 4903939953891459657
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:55:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/ Frame B25D 10 KB
5 KB 76ms
23ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3108489590390600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officenewz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 12:09:00 GMT
etag: 12368291122986407432
expires: Thu, 27 Jul 2023 12:09:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 106 KB
41 KB 41ms
36ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDNMZRJ

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3eac8050e1a4ab09579c3f6c1fbf408e308a93a72550906125cb930fbd3d1067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42123
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jul 2023 08:55:43 GMT

GET
H3 200 fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 64ms
32ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css?ver=6.2.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css?ver=6.2.2
Origin: https://www.officenewz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752
age: 6645226
cdn-cachedat: 08/17/2022 18:20:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b2b302c47cc72b1bd70621f650a14f8f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7e688c615f0936de-FRA
cdn-requestpullsuccess: True

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 90ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officenewz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:44:08 GMT
x-content-type-options: nosniff
age: 249095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jul 2024 11:44:08 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
18 KB 117ms
50ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af5a9628858b383c6257068c476c25b5a8a6421b686a349a828c47f526e7f877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officenewz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 21:57:29 GMT
x-content-type-options: nosniff
age: 557894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18628
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 21:57:29 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 108ms
43ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officenewz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 501873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 13:31:10 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 119ms
56ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officenewz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 494038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 15:41:45 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 108ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-50RQT34CCD&gtm=45je37c0&_p=465791507&cid=1272552892.1689324944&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689324943&sct=1&seg=0&dl=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&dt=Income%20Tax%20Refund%3A%20Now%2C%20Quickly%20Check%20Your%20Tax%20Refund%20Status%20In%20Simple%20Way%3B%20A%20Step-By-Step%20Guide%20%E2%80%93%20Latest%20News%20Headlines%20l%20Politics%2C%20Cricket%2C%20Finance%2C%20Technology%2C%20Celebrity%2C%20Business%20%26%20Gadgets&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50RQT34CCD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:55:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.officenewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 122 KB
47 KB 37ms
35ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-102452714-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50RQT34CCD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ca68dcdd0072e71bb225f292f922a01d20ebb67444a7fffa6bc487b15379157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48225
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jul 2023 08:55:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
70 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2K7D21X7VX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50RQT34CCD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23741e8bccb16b02146f85d0d950b0a573a5e7d420fd092c0405b86479ea5d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71210
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jul 2023 08:55:43 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ 47 KB
47 KB 39ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officenewz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:44:39 GMT
x-content-type-options: nosniff
age: 249064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47728
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jul 2024 11:44:39 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 44ms
26ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officenewz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:40:31 GMT
x-content-type-options: nosniff
age: 512112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 10:40:31 GMT

GET
H2 200 ad680f21af6c05eb98cb92d9eebf4aa9
secure.gravatar.com/avatar/ 1 KB
1 KB 83ms
26ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/ad680f21af6c05eb98cb92d9eebf4aa9?s=50&d=mm&r=g
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ec626d1355ef5d84689c88b2ec9e383fa16b0be9c068fe5fc913be061542edbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 14 Jul 2023 08:55:43 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="ad680f21af6c05eb98cb92d9eebf4aa9.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/ad680f21af6c05eb98cb92d9eebf4aa9?s=50&d=mm&r=g>; rel="canonical"
content-length: 1128
expires: Fri, 14 Jul 2023 09:00:43 GMT

GET
H3 200 ITR-300x180.jpg
www.officenewz.com/wp-content/uploads/2021/09/ 11 KB
12 KB 98ms
97ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2021/09/ITR-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8297a8e1175addbb63a9270cf155682fbc3b02bb0426711ba41f06d549b6ca4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Sep 2021 10:58:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "614474f1-2c57"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRFMXKm1mte2jgtgQc4eFMDEmedZ2fFYmHK0HeAlUtyOFvFz6Qgc%2BCrWpW5%2FN33HTjPA74z2K%2FHtkhihyOeyoaD6uKvyxKw3P1TgFsFys1UOaMOaF3G4Ac%2FJswdjsYtANuI4N9dws%2BNPV3epvb6sdSI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c62aa0a2bfa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11351
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 online-gaming-300x180.jpg
www.officenewz.com/wp-content/uploads/2023/07/ 12 KB
12 KB 30ms
29ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2023/07/online-gaming-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2025b09d0c4e19196c50c04bec17aa2599fbbe3066a6998225c494ebfedc057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79800
alt-svc: h3=":443"; ma=86400
content-length: 12015
last-modified: Thu, 13 Jul 2023 10:05:58 GMT
server: cloudflare
etag: "64afcc86-2eef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5lydtbOXQp7sPNURjZ42mWh1aEP1xu4zR%2Fb64vuuO4nzD%2B7%2BJQuHaAIHrZF8ZN15m1BSyGhGCwYx4oocuACu8dHSa2yTv5IqRXoFPgmhjiJWZG%2Ff0%2BjB%2BpHe%2F2FFErtSQSqXqWtZcFIY5Yl4nIAAik%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c62aa0c2bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 855825-itr-form-cbdt-300x180.jpg
www.officenewz.com/wp-content/uploads/2020/04/ 14 KB
15 KB 29ms
28ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2020/04/855825-itr-form-cbdt-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5421d88245220e2c1bef2ac3c140426476dbc3a219d1f24bc5ad5da0e6445782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79800
alt-svc: h3=":443"; ma=86400
content-length: 14504
last-modified: Mon, 20 Apr 2020 05:33:03 GMT
server: cloudflare
etag: "5e9d340f-38a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4TCpm%2Bl55m%2FCHWK2P%2BZdvcVtM1Og5eOlMvg4E4dmNTg5p1aWlDRrwmo06yS%2FmJk3DKLtYl1vBX4KbW88ZkXHye6VxbisovheQg2X369HwJ6c4aZCTWLGtO5tu2q37BcqM7ovGOa1pXYSJXxgJv2D70%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c62aa0e2bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 work-from-office-e1668061839680-300x180.jpg
www.officenewz.com/wp-content/uploads/2021/06/ 9 KB
9 KB 32ms
32ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2021/06/work-from-office-e1668061839680-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f8fafce4e2719cd2f20fbcf269ee0e636ad4736f34b6f68f8d9ea23a4808507

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 234181
alt-svc: h3=":443"; ma=86400
content-length: 9172
last-modified: Thu, 10 Nov 2022 06:30:39 GMT
server: cloudflare
etag: "636c9a8f-23d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyk0bVa1nN0syLIbND1I9vTvvpAEBUIwnUw6XPbwX3T3mGnpIhQ4Qrw9ApFlDHKP2I8SHqS1dP8JpdQCONylUSVIplF4gY3%2FdaEhoAXWuk3OTTOYoB0UfyzkN%2B3tN2irVNGGi9%2BHU8yzyrHZorN6N%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbca2bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Club-Vistara-IDFC-FIRST-Credit-Card-300x180.jpg
www.officenewz.com/wp-content/uploads/2023/07/ 13 KB
14 KB 34ms
32ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2023/07/Club-Vistara-IDFC-FIRST-Credit-Card-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80fa9e343d11e244935a34793d36838d9675bc88c1fe148581af7fb9d33dfc0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 241886
alt-svc: h3=":443"; ma=86400
content-length: 13600
last-modified: Tue, 11 Jul 2023 11:03:26 GMT
server: cloudflare
etag: "64ad36fe-3520"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYXd14olTKFcOxGTA0CG%2FX4x8gIECr1whBQsjghUuMEzX6IlGJ7m4CYqsEY2NhINU2TCugCjmdTnNbs%2F6zAJdaUCIBXwIApriETz0RdPNPS3cByZMinKmNaYz0wlQn30fXAzcVhlA2kUhitfwMbMNII%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbd12bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 travel-summer-300x180.jpg
www.officenewz.com/wp-content/uploads/2021/11/ 16 KB
17 KB 35ms
32ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2021/11/travel-summer-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e722c828490f28ca9c6cdd734282ba25c29f965ce53898540bb659bc8469f2db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 362393
alt-svc: h3=":443"; ma=86400
content-length: 16481
last-modified: Thu, 11 Nov 2021 09:35:28 GMT
server: cloudflare
etag: "618ce3e0-4061"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxfNNx%2Bpnd67iKhynGFvGqXROBIx5humh%2FRIhCjITqxAcmnR1F8zsZAG%2Bgx2DmZiRppGU0gPtJNrtraf%2FargLw6iarDgBnC2E1CbC6LYf9DOMqDS0Ylu%2FTo3nVnUMfm1xvoWVaCF8bnL8Y5%2BeARhbc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbd42bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 211821-earn-money-from-home-300x180.jpg
www.officenewz.com/wp-content/uploads/2021/07/ 13 KB
13 KB 110ms
108ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2021/07/211821-earn-money-from-home-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6d2ed906a0ba03d856b39e81a56898885de82c0daacb15403c4c72c173e0a66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: MISS
last-modified: Sat, 31 Jul 2021 10:04:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61052028-3326"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKz02%2FT4s5WLaAGvxUYwYA2%2BeML5AYVnPQDmjziLEWKcf%2BbL%2FSyAhYrRGIOzYheNayrlesXLywoqnOVPlw1wk2lbhweghSgsPKrZxPHCzQ%2FqYoZlGSwVG%2BVFkp07b%2B8%2Fm6Vmc%2BAtHV6jTK6XyDnm%2Fdg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbd62bfa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13094
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 maruti-suzuki-fronx-cng-300x180.jpg
www.officenewz.com/wp-content/uploads/2023/07/ 13 KB
13 KB 55ms
53ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2023/07/maruti-suzuki-fronx-cng-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6fc8040057d07b4ba325113cedebae1f6895da7ce0b2d7b8ad89d012dbf5fce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11013
alt-svc: h3=":443"; ma=86400
content-length: 13087
last-modified: Wed, 12 Jul 2023 10:49:36 GMT
server: cloudflare
etag: "64ae8540-331f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnvIVMVGxxL8OWv4k8XkJrudQPRDRTuspnK4vhV7e6k2cgIUNaRb6EVPtlXgUAcd7LeMlikYmse%2FLt%2BjBH6JDSKf4Ln2kAXyQKEOoHfL%2FowJKx75tWtu5Bdf13v5f7IqcMWjXqTcPmGAk%2BEoBI0uvAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbd72bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 education-news-300x180.jpg
www.officenewz.com/wp-content/uploads/2021/07/ 16 KB
17 KB 38ms
36ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2021/07/education-news-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c159cb52f2e5989f320bde869a5582e2b4d0fcf773653c9130bf9c2a54e11de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 362394
alt-svc: h3=":443"; ma=86400
content-length: 16548
last-modified: Tue, 20 Jul 2021 10:32:13 GMT
server: cloudflare
etag: "60f6a62d-40a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FWrKpqlg%2FVJOYb2zE6bj6e3QgwHSiI%2Fu7Avm%2FbLf9CbW%2FcO%2Bc7guJjmn1h4iLt1V405ApI1WQoLVMAwLeIWZFHSU0zIOfFOAGFlf4dZ9ByUA2TL3AoZN2ucAKGEV3nVZVLGGgqw50D%2FffxglLDuzrY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbd92bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 mahesh-gupta-300x180.jpg
www.officenewz.com/wp-content/uploads/2023/07/ 11 KB
11 KB 37ms
35ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2023/07/mahesh-gupta-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7df479e97de27dd08d91229b83ef7baa3ea0e847edfb9ab1e32544ea5baf9c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11013
alt-svc: h3=":443"; ma=86400
content-length: 11072
last-modified: Thu, 13 Jul 2023 11:00:52 GMT
server: cloudflare
etag: "64afd964-2b40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XT3Ix7AABfTTwVoqwzjoTKaKXlFy1BzB2P6%2BeSfz7%2BFGvNn%2BLC5HZ4oKTraGgpwlYn7XlXwVFQI3Er%2FBiKCelyWx5MlQGeug1pmGfzI0yT8wYajyo1y33jmYx97Qf5AtFvi3zfgJznsI1V3x3fMUFPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbde2bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 mutual-funds-sip-300x180.jpg
www.officenewz.com/wp-content/uploads/2023/06/ 9 KB
9 KB 34ms
32ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2023/06/mutual-funds-sip-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56547e8e0713fe16d2319c2a5e6f10d665c33be38a34dd244824841e7d9f9290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 320324
alt-svc: h3=":443"; ma=86400
content-length: 9036
last-modified: Wed, 28 Jun 2023 10:33:04 GMT
server: cloudflare
etag: "649c0c60-234c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kJOpRcgrcDwi62ycBCw44pJ3vCI%2BX1t0TRR5nwJFg0hECFiQkMmVDEiEeAgBce1hfilL5%2BnUv9B7BqfJBzR9d4LusPW8AE90ugJEvCfGBMWVOA0%2FsjTU112l%2FvHlLYwnZLxEMuVCVmBnccaz4MHjHc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbe02bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 twitter-1-300x180.jpg
www.officenewz.com/wp-content/uploads/2021/08/ 11 KB
11 KB 56ms
54ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2021/08/twitter-1-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d5257721f9d01aeb7ba374a9c17258e61b43f0fa9426fe4fa793ef18efc131f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 234180
alt-svc: h3=":443"; ma=86400
content-length: 10833
last-modified: Sat, 07 Aug 2021 17:20:32 GMT
server: cloudflare
etag: "610ec0e0-2a51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BEXqFMj6hYbWixhXeUfh%2BWX54Lj%2FQZH2kpbzPMb6uVUWDF6N3nYXxTTv5mCk%2B38wboCV%2BgJphHeELpsUL3gCZuKtuZBvlS%2BuwC58HMDuSU4wMuuhayfXN1f4CKE65tSLnqiuagQbO6S62vCLa5agOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbe22bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 anil-ambani-tina-ambani-300x180.jpg
www.officenewz.com/wp-content/uploads/2023/07/ 12 KB
13 KB 103ms
101ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2023/07/anil-ambani-tina-ambani-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00152548ef3a6b663c0f90d66a487ffb6ac23bdf03184cff707ba4bbc98d40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Jul 2023 06:31:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64a3bcd1-31a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1Koh3CBgHguj6%2B9r942wRXL%2FNR1ItkXqduGzNFpA07b1j9QTVnxADQMca7YGv%2BcJ6E270D%2BHpNi9HM4%2BkDeb%2F2q3Cwkt9hG7vhQCnJRywsLN95HfDO8hqIPlS81exYRFF98xl2dAnVG%2B2Emye9O%2FB0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbe62bfa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12705
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 himachal-rain-300x180.jpg
www.officenewz.com/wp-content/uploads/2023/07/ 10 KB
11 KB 56ms
55ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2023/07/himachal-rain-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e8674824a397d31888df8fcfe8eb678b2a4445a04b516adeb4b7499b6d35a17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 104207
alt-svc: h3=":443"; ma=86400
content-length: 10517
last-modified: Sun, 09 Jul 2023 09:44:06 GMT
server: cloudflare
etag: "64aa8166-2915"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdaliiWrPF3jOlaSYNKDIQQXA2xxwdXcY38ecUAstNmbj4yl2IC8b5EJoE%2B6KJV6EAGhbuKRrl59bVIbc009vCB%2BNfUpgVaGEKpjibiCC6%2BwXvzxmesSTChaShppnjzeXOHS0hIO2gOP9W3aJkFKFx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbed2bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ipo-300x180.jpg
www.officenewz.com/wp-content/uploads/2021/08/ 20 KB
21 KB 58ms
56ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2021/08/ipo-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e9148898afa934127e4099406b034770f1979aef90cfa048e090d1ae4542cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161428
alt-svc: h3=":443"; ma=86400
content-length: 20836
last-modified: Tue, 03 Aug 2021 09:23:46 GMT
server: cloudflare
etag: "61090b22-5164"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2D9UK46KgRaDO6jaHHitZBPfo5tqGo6hgvad30gDw%2BwhU6JDxHRnlUoY0dQatZwac6xLg3l69jCgrE9vwpeDapUKQdpVQRcCLXLKs1sTBI1QkfGWIvkM%2F8lp65fu7jQqkaYgjGRGVK7b52iraSHbs%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbef2bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 gold-biscuits-SEIZED-300x180.jpg
www.officenewz.com/wp-content/uploads/2021/09/ 15 KB
16 KB 58ms
57ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2021/09/gold-biscuits-SEIZED-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c79118b448fb2f78d015a4df5531e8f42d47df7fa3e52529b2517341f012393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94947
alt-svc: h3=":443"; ma=86400
content-length: 15633
last-modified: Wed, 08 Sep 2021 04:06:49 GMT
server: cloudflare
etag: "613836d9-3d11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyRrN0a7rzzgFRopPA2MpeFJxfjLpgZK2UoFhM%2BooTtbCZTVQg7syC5PAmDkppBjybmOukW0lYAurnCie4g%2Fqmt0IQAfhJhf0%2BuFXO%2BQhcNhI6BFWKMs9rySKYzx%2FGhVjcbXQHYftk01BF%2FYL2uO4C8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbf12bfa-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Reliance-e1662388449634-300x180.jpg
www.officenewz.com/wp-content/uploads/2021/04/ 5 KB
6 KB 104ms
102ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officenewz.com/wp-content/uploads/2021/04/Reliance-e1662388449634-300x180.jpg
Requested by: Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f4a6ebd21acfecb59ecf8cd0cfbcb99d160f98f286e786aedf23a73d116928f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Sep 2022 14:34:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "631608e1-1531"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naXKi2TWkHubQFiLv0SmE369hkf9BVOcLSZci9pwO9eEgw6iGrKNcmATcDG6ZHH1MwUkew8h%2BsmqKj9HUTgHWBgnwCTnIVW9tgGaKhLURLSnWfRN0R4dQ%2BApLm5MJEG4TXWxv8FtyaKf0hGyseLqNbU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e688c63fbf22bfa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5425
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
607 B 81ms
29ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.officenewz.com&callback=_gfp_s_&client=ca-pub-3108489590390600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3108489590390600&plah=www.officenewz.com&bust=31076126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20dcf0525b0cc326516bcea52aa519cc3b3aab21bf581a20b7a4b5c9cb8ece9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 80ms
30ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.officenewz.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2CB7 364 KB
87 KB 1010ms
1009ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&adk=1812271804&adf=3025194257&lmt=1689324944&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943395&bpp=104&bdt=273&idt=667&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1529038258519&frm=20&pv=2&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=723

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc275fe3bebee4832abe58fc297851607d1b319c37ce9168770cbd5139351496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officenewz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 88781
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:45 GMT
expires: Fri, 14 Jul 2023 08:55:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
79 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ERGFG1RSZX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-102452714-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90dde1617c40024f039f13971561a4441f0c67d5fc064570896da86060e9d42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81053
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jul 2023 08:55:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 84ms
21ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-102452714-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Jul 2023 08:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1225
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 14 Jul 2023 10:35:19 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 35ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2K7D21X7VX&gtm=45je37c0&_p=465791507&gdid=dZTNiMT&cid=1272552892.1689324944&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689324944&sct=1&seg=0&dl=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&dt=Income%20Tax%20Refund%3A%20Now%2C%20Quickly%20Check%20Your%20Tax%20Refund%20Status%20In%20Simple%20Way%3B%20A%20Step-By-Step%20Guide%20%E2%80%93%20Latest%20News%20Headlines%20l%20Politics%2C%20Cricket%2C%20Finance%2C%20Technology%2C%20Celebrity%2C%20Business%20%26%20Gadgets&en=page_view&_fv=1&_ss=1&_ee=1&ep.optimize_id=OPT-PXF23TK
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2K7D21X7VX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:55:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.officenewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F93 114 KB
39 KB 1215ms
1214ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df5832bfdfd15feadf7d012b80cb41b1d3d6a681c09447dd2172d4dbb875e11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officenewz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39450
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:45 GMT
expires: Fri, 14 Jul 2023 08:55:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 08BE 114 KB
38 KB 860ms
860ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1119697868&adf=301666733&pi=t.ma~as.9475764773&w=691&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=691x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943703&bpp=38&bdt=580&idt=594&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=132&ady=2986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3AeUaTyysr&p=https%3A//www.officenewz.com&dtd=600

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6106a7af3cf4816b71cd30f81ade3579401b393f99e10e09ccde1d656a60a110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officenewz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38594
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:45 GMT
expires: Fri, 14 Jul 2023 08:55:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 5FB1 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 5476 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9758 88 KB
34 KB 1276ms
1275ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=9475764773&adk=3525961715&adf=1277868683&pi=t.ma~as.9475764773&w=300&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943853&bpp=26&bdt=730&idt=469&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C691x280&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=853&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=q2TaVP6MkZ&p=https%3A//www.officenewz.com&dtd=486

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86275d12713a35a1c5396617d0555293c9e93e966586de4612d08fcedff88b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officenewz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34824
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:46 GMT
expires: Fri, 14 Jul 2023 08:55:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E3E0 117 KB
39 KB 1260ms
1260ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=1636380777&adk=1147478793&adf=2472227065&pi=t.ma~as.1636380777&w=300&lmt=1689324944&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943955&bpp=5&bdt=832&idt=418&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1200&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=nDhWUGiTiD&p=https%3A//www.officenewz.com&dtd=443

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e18d7f1a9bfef897a250d2e1c44a88233e854048b00e35afde4b208f6d81d19

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ_aherpjYADFcmsmgodQYwKpw&gqi=kA2xZJvpOfiF9u8PiviDsAU&layout=/sadbundle/%24csp%253Der3%24/8056895536743055360/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officenewz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39603
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ_aherpjYADFcmsmgodQYwKpw&gqi=kA2xZJvpOfiF9u8PiviDsAU&layout=/sadbundle/%24csp%253Der3%24/8056895536743055360/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:46 GMT
expires: Fri, 14 Jul 2023 08:55:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE6F 117 KB
38 KB 508ms
507ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1215408410&adf=1100620743&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943964&bpp=6&bdt=841&idt=510&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=nOr3rVQxaK&p=https%3A//www.officenewz.com&dtd=515

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c54bae6476edbf336233a13c398686607f59f7bc1344a61e5d0ec0f5435d97d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officenewz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39112
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:45 GMT
expires: Fri, 14 Jul 2023 08:55:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 27ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ERGFG1RSZX&gtm=45je37c0&_p=465791507&cid=1272552892.1689324944&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689324944&sct=1&seg=0&dl=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&dt=Income%20Tax%20Refund%3A%20Now%2C%20Quickly%20Check%20Your%20Tax%20Refund%20Status%20In%20Simple%20Way%3B%20A%20Step-By-Step%20Guide%20%E2%80%93%20Latest%20News%20Headlines%20l%20Politics%2C%20Cricket%2C%20Finance%2C%20Technology%2C%20Celebrity%2C%20Business%20%26%20Gadgets&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ERGFG1RSZX&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:55:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.officenewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 29ms
28ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=465791507&t=pageview&_s=1&dl=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&ul=en-us&de=UTF-8&dt=Income%20Tax%20Refund%3A%20Now%2C%20Quickly%20Check%20Your%20Tax%20Refund%20Status%20In%20Simple%20Way%3B%20A%20Step-By-Step%20Guide%20%E2%80%93%20Latest%20News%20Headlines%20l%20Politics%2C%20Cricket%2C%20Finance%2C%20Technology%2C%20Celebrity%2C%20Business%20%26%20Gadgets&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=487815819&gjid=1624544388&cid=1272552892.1689324944&tid=UA-102452714-2&_gid=831699349.1689324945&_r=1&gtm=457e37c0&jsscut=1&z=1889397096

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officenewz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:55:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.officenewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 84ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102452714-2&cid=1272552892.1689324944&jid=487815819&gjid=1624544388&_gid=831699349.1689324945&_u=YADAAUAAAAAAACAAI~&z=2137686532

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officenewz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 14 Jul 2023 08:55:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.officenewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
409 B 105ms
45ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102452714-2&cid=1272552892.1689324944&jid=487815819&_u=YADAAUAAAAAAACAAI~&z=1934081497

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:55:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 103ms
52ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102452714-2&cid=1272552892.1689324944&jid=487815819&_u=YADAAUAAAAAAACAAI~&z=1934081497

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:55:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 08BE 14 KB
1 KB 33ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1119697868&adf=301666733&pi=t.ma~as.9475764773&w=691&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=691x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943703&bpp=38&bdt=580&idt=594&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=132&ady=2986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3AeUaTyysr&p=https%3A//www.officenewz.com&dtd=600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jul 2023 08:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 07:10:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jul 2023 08:55:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 08BE 2 KB
946 B 199ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 08BE 23 KB
9 KB 148ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 08BE 3 KB
1 KB 159ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 08:38:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 08BE 20 KB
9 KB 198ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08BE 179 KB
57 KB 211ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:55:45 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 08BE 33 KB
14 KB 137ms
20ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ 154 KB
52 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/reactive_library_fy2021.js?bust=31076126

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9d0d01c5b751f6e8ab7d46d384bfbaaf973a2fc907842d1a756a91cb4800969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53520
x-xss-protection: 0
server: cafe
etag: 14986473406882417114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:55:45 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15073207191745223876/ Frame 08BE 10 KB
10 KB 127ms
37ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15073207191745223876/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39203075ce635df44665631d87b8d2a39c958d89a5f3cb6b48b291cec0073ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:40:46 GMT
x-content-type-options: nosniff
age: 263699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9828
x-xss-protection: 0
last-modified: Wed, 03 May 2023 12:40:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jul 2024 07:40:46 GMT

GET
DATA 200
OK truncated
/ Frame 08BE 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 08BE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 37ms
32ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.officenewz.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame 04DD 10 KB
4 KB 29ms
27ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officenewz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 15:03:07 GMT
etag: 12368291122986407432
expires: Thu, 27 Jul 2023 15:03:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame F52A 10 KB
4 KB 27ms
21ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officenewz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 15:03:07 GMT
etag: 12368291122986407432
expires: Thu, 27 Jul 2023 15:03:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame EE6F 14 KB
1 KB 47ms
45ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1215408410&adf=1100620743&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943964&bpp=6&bdt=841&idt=510&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=nOr3rVQxaK&p=https%3A//www.officenewz.com&dtd=515

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jul 2023 08:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 07:14:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jul 2023 08:55:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame EE6F 2 KB
927 B 28ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1215408410&adf=1100620743&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943964&bpp=6&bdt=841&idt=510&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=nOr3rVQxaK&p=https%3A//www.officenewz.com&dtd=515

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame EE6F 23 KB
9 KB 38ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1215408410&adf=1100620743&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943964&bpp=6&bdt=841&idt=510&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=nOr3rVQxaK&p=https%3A//www.officenewz.com&dtd=515

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame EE6F 3 KB
1 KB 39ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1215408410&adf=1100620743&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943964&bpp=6&bdt=841&idt=510&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=nOr3rVQxaK&p=https%3A//www.officenewz.com&dtd=515

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 04:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 04:56:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame EE6F 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1215408410&adf=1100620743&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943964&bpp=6&bdt=841&idt=510&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=nOr3rVQxaK&p=https%3A//www.officenewz.com&dtd=515

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE6F 179 KB
56 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1215408410&adf=1100620743&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943964&bpp=6&bdt=841&idt=510&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=nOr3rVQxaK&p=https%3A//www.officenewz.com&dtd=515

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:55:45 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame EE6F 33 KB
14 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1215408410&adf=1100620743&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943964&bpp=6&bdt=841&idt=510&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=nOr3rVQxaK&p=https%3A//www.officenewz.com&dtd=515

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H2 200 90cda0d4b2e9798013d5ae8e8588fe0b.js Show response
www.gstatic.com/mysidia/ Frame 1F93 9 KB
4 KB 31ms
13ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/90cda0d4b2e9798013d5ae8e8588fe0b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3972
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 16:59:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H2 200 625cf768cbe347b91a2a5f777e7fdf0e.js Show response
www.gstatic.com/mysidia/ Frame 1F93 10 KB
4 KB 36ms
19ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/625cf768cbe347b91a2a5f777e7fdf0e.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6596c76db554d20141e25d1b2ee55bba68a67a28ec149559fd252e8f1172d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 06:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4367
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:47:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 06:09:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1F93 14 KB
1 KB 45ms
39ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jul 2023 08:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 07:17:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jul 2023 08:55:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 1F93 2 KB
896 B 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 1F93 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 1F93 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 04:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 04:56:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 1F93 20 KB
8 KB 33ms
11ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F93 179 KB
56 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:55:45 GMT

GET
H3 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 1F93 33 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3751434330202142372/ Frame EE6F 77 KB
77 KB 33ms
21ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3751434330202142372/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1215408410&adf=1100620743&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943964&bpp=6&bdt=841&idt=510&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=nOr3rVQxaK&p=https%3A//www.officenewz.com&dtd=515

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c32d13b5f30a647306be5fc45aa71584dab819e3f21bc456aa714b01b3529b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 07:51:31 GMT
x-content-type-options: nosniff
age: 522254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78733
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 09:13:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 07:51:31 GMT

GET
DATA 200
OK truncated
/ Frame EE6F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EE6F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css2
fonts.googleapis.com/ Frame 04DD 4 KB
671 B 38ms
38ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jul 2023 08:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 07:17:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jul 2023 08:55:45 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 04DD 205 B
229 B 25ms
25ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:18:37 GMT
x-content-type-options: nosniff
age: 59828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 12 Jul 2024 16:18:37 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 04DD 604 B
628 B 30ms
29ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:17:39 GMT
x-content-type-options: nosniff
age: 56286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 12 Jul 2024 17:17:39 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 04DD 14 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dd63824a6304e84f5ac8549da2750d150a0eb24c50960dd83e08a63d5a97f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 20:59:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6331
x-xss-protection: 0
server: cafe
etag: 18044331813203521086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 20:59:34 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 04DD 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8599
x-xss-protection: 0
server: cafe
etag: 12796843930313450165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 14:12:42 GMT

GET
H3 200 728x90.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/ Frame 634A 3 KB
1 KB 40ms
34ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/728x90.html

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c105718322639113b348efc122bee30460c6f605bd5f432c72a37d66fcb71071

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 281598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1328
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 02:42:27 GMT
expires: Wed, 10 Jul 2024 02:42:27 GMT
last-modified: Thu, 08 Jun 2023 06:16:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame F52A 23 KB
9 KB 38ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2A6D 143 B
166 B 38ms
34ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame F52A 3 KB
1 KB 36ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 04:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 04:56:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame F52A 20 KB
8 KB 37ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
DATA 200
OK truncated
/ Frame 08BE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f42b678caa9fda649286760619b2d9b761d7e73d53e88b0bda1f134df7309c5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 08BE 33 KB
33 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 222388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jul 2024 19:09:17 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 634A 6 KB
3 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 21:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jul 2023 21:21:12 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 634A 34 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 15 Jul 2023 08:10:22 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 634A 236 KB
63 KB 98ms
29ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Jul 2023 08:55:45 GMT

GET
H3 200 728x90.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/ Frame 634A 65 KB
10 KB 25ms
24ms Script
application/x-javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/728x90.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

763c74bba2e0c59ddd45212b6ded068a2c10d7c6a7268440391d95817592f335

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Jul 2023 06:43:17 GMT
age: 7948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9849
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 06:16:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Jul 2024 06:43:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D513 14 KB
1 KB 31ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jul 2023 08:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 07:17:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jul 2023 08:55:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame D513 2 KB
896 B 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame D513 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 928F 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame D513 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 04:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 04:56:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame D513 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D513 179 KB
56 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:55:45 GMT

GET
H3 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame D513 33 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16293512910551651353/ Frame 1F93 1 KB
1 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16293512910551651353/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71d63d53b7d5a5cbe384fc215412267bd8397371a835accca370b568e91b4924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:40:53 GMT
x-content-type-options: nosniff
age: 249292
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1196
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 13:48:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jul 2024 11:40:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 08BE 0
23 B 81ms
80ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDduKkA2xZKSHFsLJ6gSV0arQCpTMwItxy6352q0R2tkeEAEggM_8PGCV-vCBjAegAYXamNkDyAEJqQJia9Uk_tiyPqgDAcgDywSqBMcCT9BYhUC7yjefpG4eVZaQp_zs6CZ1L48yzRntgO6rF5bn7WG0mvf8ER_K8d10wUjxB7yaoSwS4EDGCRktnebIqy6ok99ZZEeUqXtsVlSjsuGufkntVlnyT0IPO1X3AORYgOTONSscLpwrK9cTOxlD6JPhvh8xXH-wnA0DTKVBMlogIHByKBAm0zZFpkzbopUj2m2umwRdshDhs5MqiJW3FaWQEVZ-WZCklWfM5K_BWPYGcbsaCOr_KdtqqqH9LtJ5YVqRmAmZbtfZpWvTUcLwHXLGdoX4Ltwh4inhxms6mml-QVx61iT9SIGk7OMOruADmaSoKWxjVltO9xgfblrSUc3fBJ4dJP37cX6Ck0Sb4yzrof4HgnLe7uwEOhmsx0eueVWFNnPP2zm_P8UI0_jyV1FeXUKjTNgRZNLY_BF17i48Hom_ZtOJwATWu5a-lgSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHsvKQKKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKTCGdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi0zMTA4NDg5NTkwMzkwNjAwGAA&sigh=cBoUSdR7Vyk&uach_m=[UACH]&cid=CAQSGwBpAlJWXQB05-ig6WdMc5vhg_xjHaWdsLkLSRgB&template_id=5000&cbvp=2&vis=1

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1119697868&adf=301666733&pi=t.ma~as.9475764773&w=691&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=691x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943703&bpp=38&bdt=580&idt=594&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=132&ady=2986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3AeUaTyysr&p=https%3A//www.officenewz.com&dtd=600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Jul 2023 08:55:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Jul 2023 08:55:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 400A 143 B
166 B 25ms
24ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F52A 179 KB
56 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:55:46 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 45CB 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 13:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 13:29:14 GMT

GET
DATA 200
OK truncated
/ Frame F52A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e30856e7613247c38c22c552f09e724c6b35a8d9e9d6c52a7511aa8f1ac1c023

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EE6F 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b940fa74f334dd3f0f5007836a25adb364492a222c81e3242e00e98bc49b7cb8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2A6D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:46 GMT
expires: Fri, 14 Jul 2023 08:55:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1F93 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9392e056c80a91a667c47a0065d95b167453ac9e14ad9744a6b154b5359a559

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame EE6F 33 KB
33 KB 23ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 222389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jul 2024 19:09:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE6F 0
19 B 71ms
70ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLtozkA2xZPbpO6aU78EPz8mfgAXSx-PQcaWM05rHEcWynZ2NDhABIIDP_DxglfrwgYwHoAH75N-YA8gBCakCYmvVJP7Ysj6oAwHIA8sEqgTDAk_QgRej65lGVJgTlbTd3aktlTWdS_RjEDYyEet0WRaBlRuSMm15daDNeLzljaZtqR4gDhkL6a1siAQPQvg53MizLfhmvOzd_LbJGDfcr6IKsggbBcHP_CDHw2YlWkN2DyRb690P7bYAoOb9WJcwa9uMdvy9i3oGiQSfYmbFvpgbNeLBeQxjrVQv6KeTYAGQY4Uqv9gDDBYiCFa61Tl3qTaLYM1of1_VPkiV5MO07lfaSnsWJyLSTnHRhpULYiSYqtfe3j_XuDYQ9TgptGzXU7fRTupbFVQ9MGtn9IyNCHYMUiDnwGNrwfaRxAoQgf_YTFHK3N_O6s1S533Nru0gKwooXiNm7KJiXDEFDT4gCeHqKPTst6wILRst1CE16IeNn5ZHwiEAnc_wnWjDJlyivg9ZLGplc7O5kthA7BiL4T417D58wAS82fakmgSSBQQIBBgBkgUECAUYBKAGLoAH7ZqgZ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKS6B9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMzEwODQ4OTU5MDM5MDYwMBgA&sigh=xqCcp3PogeU&uach_m=[UACH]&cid=CAQSSwBpAlJWt7ZygmqjfX-q6TiKClUQORXvRFLDw_BTWY-CbUkwv5sz-w7EWgfz0d5M7T2HVj6UzRGEr3BJ0z5QA7Qrb6vKG0fr6d0z8xgB&template_id=5000&cbvp=2&vis=1

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1215408410&adf=1100620743&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943964&bpp=6&bdt=841&idt=510&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=nOr3rVQxaK&p=https%3A//www.officenewz.com&dtd=515
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Jul 2023 08:55:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 928F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
43ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:46 GMT
expires: Fri, 14 Jul 2023 08:55:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1F93 33 KB
33 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 222389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jul 2024 19:09:17 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 449A 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=1215408410&adf=1100620743&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943964&bpp=6&bdt=841&idt=510&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=nOr3rVQxaK&p=https%3A//www.officenewz.com&dtd=515

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 13:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 13:29:14 GMT

GET
H3 200 1909927706508406566
tpc.googlesyndication.com/simgad/ Frame 9758 104 KB
104 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1909927706508406566?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkRjxnmDIq6pK9s912DTcaby_HLLA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=9475764773&adk=3525961715&adf=1277868683&pi=t.ma~as.9475764773&w=300&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943853&bpp=26&bdt=730&idt=469&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C691x280&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=853&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=q2TaVP6MkZ&p=https%3A//www.officenewz.com&dtd=486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8150b93c61dc109cc48064ba23fd164f0d1e7a9155b5f77d3f5b9c02c27c0b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:02:01 GMT
x-content-type-options: nosniff
age: 93225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106096
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 09:56:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jul 2024 07:02:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 9758 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 9758 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 04:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 04:56:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 9758 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9758 179 KB
56 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:55:46 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 9758 33 KB
13 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a85ef6aa5e0512bdd5835bb4d2f753215bc6422cd57260d32f64a0158f5c9454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:36:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13555
x-xss-protection: 0
server: cafe
etag: 16358423774743119658
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:36:04 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 400A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
30ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:46 GMT
expires: Fri, 14 Jul 2023 08:55:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/ Frame 946C 78 KB
21 KB 23ms
22ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=1636380777&adk=1147478793&adf=2472227065&pi=t.ma~as.1636380777&w=300&lmt=1689324944&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943955&bpp=5&bdt=832&idt=418&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1200&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=nDhWUGiTiD&p=https%3A//www.officenewz.com&dtd=443

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6956d2bcf831148b894f41749b6c1d6c2ce9a03aff163c7460429de1b4baf10b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 452192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21014
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sun, 09 Jul 2023 03:19:14 GMT
expires: Mon, 08 Jul 2024 03:19:14 GMT
last-modified: Mon, 08 May 2023 14:58:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 img1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/images/ Frame 634A 30 KB
30 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/images/img1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a173eb5e826c014df7115d0e70bf4aab8698511b648c405512ff0b060da1fce

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 11 Jul 2023 02:42:28 GMT
x-content-type-options: nosniff
age: 281598
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31132
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 06:16:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jul 2024 02:42:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F52A 0
19 B 72ms
71ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjVExkA2xZNPTCvO378EP3-6R4AvQhsCEce3iqr3GEemt9ZS4AhABIIDP_DxglfrwgYwHoAH366btA8gBCakCYmvVJP7Ysj6oAwHIA0iqBMYCT9CaRG_qRx7hbRebcWFr8ChqxtU9ZElT5oaw_HGQmC30ZydzlRDmo0t2g0uG3Oqa6zZTBsnNsmiSHIrUSlFVHZIlYDmzcfeuOnkEWvuojPg93C7TZ6LtxhXDK26lrApsdhdM5GUYzny1lN3ZN1S9y_6KJewirWgOEkIYLbvx8l-uZVAfx6_ScIXvMNDZRDrfkvRRh8EX0sr7sDKEZbR1iohy9ws9lwpwUULarxHpg8Ume14JJnDGk7_Ub6dbiaJlvH1DaSbKdVwJzJoXojQ6SuIvciI3ZnoaoD_hvbS2aBMjZDu9EhZYHgs9K_tvZfrP_jK57SHTic-1HAdssV-ICwJ-jC8Oq6s0g0aAahBYbHMy4JEP2yRUnXeRJk8b3C56yp6K9di1KmQpq4HZROZTJWJ2AgmHH5b3_SSYFZHTIdOBVwSAhiHABLzwsZC1BJIFBAgEGAGSBQQIBRgEoAYugAfxk9kSqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ_t8p0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLEC2BMN0BUBmBYBgBcBshccChoIABIUcHViLTMxMDg0ODk1OTAzOTA2MDAYAA&sigh=vCviYV37cX0&uach_m=[UACH]&cid=CAQSGwBpAlJWhzU_PuLJuVGA2R5T1Y37Dj_jouk2wBgB&template_id=419&cbvp=2&vis=1

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Jul 2023 08:55:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame E3E0 23 KB
9 KB 31ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D331 143 B
166 B 27ms
23ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=1636380777&adk=1147478793&adf=2472227065&pi=t.ma~as.1636380777&w=300&lmt=1689324944&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943955&bpp=5&bdt=832&idt=418&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1200&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=nDhWUGiTiD&p=https%3A//www.officenewz.com&dtd=443
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame E3E0 3 KB
1 KB 31ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 04:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 04:56:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame E3E0 20 KB
8 KB 31ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC2F 143 B
166 B 25ms
24ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=9475764773&adk=3525961715&adf=1277868683&pi=t.ma~as.9475764773&w=300&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943853&bpp=26&bdt=730&idt=469&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C691x280&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=853&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=q2TaVP6MkZ&p=https%3A//www.officenewz.com&dtd=486
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 946C 7 KB
761 B 43ms
41ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular|Arimo:regular,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d4e40dbd70cabc6f71a1d96f9a21284773a99fa54fbb02bad88fe5e48b02171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jul 2023 08:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 08:55:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jul 2023 08:55:46 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 946C 16 KB
6 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 11:20:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jul 2023 11:20:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 946C 34 KB
13 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 15 Jul 2023 08:10:22 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 392E 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 13:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 13:29:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1F93 0
19 B 68ms
68ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqAHRkA2xZL_1E4Gl78EP5N-u0APf1NiEcfLW78XvD_XHxZWNDhABIIDP_DxglfrwgYwHoAHJl-6WKMgBAakCqwwaPzf8ej6oAwHIA8sEqgTFAk_Qdc_Tz8EJAjluOa52Y1eQ19xI7J2oDeVU5Zts0ezGm4JT0wbROtOCvVgRxPh5atMkfGrH17Bxvas32YK0DK5JhlEfU9FFX_YEnIhxYMLMpog_ZQLYxXNn0IPa6djtrl2yjKAn9Vom10kuA_JyyMmJ4T0xM7G2A-jJ8U4_y1bnwWxu8g8q32TVZ5RSMs1eG2U0bPvcsuyyKOUGquZdJCV0YQvOIgc5lfGWnbX2PUauBVxRFiRLAlQOg6gEes9vnR5EaeQlqvUmnQvPsryCSrB58vzQqWSQnfqALUi1vRdPYiGMPtV0Bocp8VFwtf3Mh2JQvuEpQHBBsXQr1tUX7pYBE6dVAiCaXYrjgA8TLNRvNa5p9Ayr9EcsRd4maeaJX1zTSjE82oZaZt5z8jO9ERG8mQOF9YXyZyWLdKZu1gvQmGfd6VTABNqdzKX7A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfJz772AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELPZF9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTDIgUCNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMTA4NDg5NTkwMzkwNjAwGAA&sigh=VY1fggnzSR4&uach_m=[UACH]&cid=CAQSGwBpAlJWMcno04sHX7_d7z_IntSxU3zhLwANSRgB&template_id=5001&cbvp=2&vis=1

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Jul 2023 08:55:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 img2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/images/ Frame 634A 34 KB
34 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/images/img2.jpg

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

780f5d287e0ada139361db31f0ca26d964e3851c0ac5153e29d7aeccb92abda3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 11 Jul 2023 02:42:28 GMT
x-content-type-options: nosniff
age: 281598
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34962
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 06:16:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jul 2024 02:42:28 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 35A6 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=280&slotname=9475764773&adk=914169798&adf=473766257&pi=t.ma~as.9475764773&w=1200&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943525&bpp=35&bdt=402&idt=737&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2Jg3JXtr3n&p=https%3A//www.officenewz.com&dtd=755

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 13:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 13:29:14 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 634A 37 KB
14 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 13:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 13:29:14 GMT

GET
DATA 200
OK truncated
/ Frame 9758 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f79a570d7e579e1e1218706e1666a9371f5ab377133f08b98515201c9442230

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9758 0
19 B 65ms
64ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch7fWkA2xZI_EO8Kg78EPnv6cwAG0ktPUcfCot5H3EdrZHhABIIDP_DxglfrwgYwHoAHV_omnAsgBAqgDAcgDyQSqBL8CT9D4XG2ZlW5_jph3CdGX4eAiJcAPjZsZWwHkbSjDcse-JXGkWj4UrebriYIPA-i3CYWP6Fm8Szw-797ingVFo9zJFrMcWKzIbMVwxWwgLMlsvLErP8g85g_yaXNGGnFkLLN4cMmhN176TwsYGtuGT1Ebi0m8S3TDMBc7-Ao2o0A5GDScZhP5pO5sk7BsxFo7rN2-N6ZRXG4V2jQJ6II0g6mp5SOKjD1InZZ2yy7RKxruVRQsiLj-p1tiOV9aGS3NDvU8Z-N4sI2l2Hx5RTlz0rlv8waMOkzQ60punVF_KHsHredt19TZC0uK9kkhxsNuc62NKIZp5VhImUhMcWCRw3QKtDGPRyucf96cUK2q6UP56SkLSRJJtPSWiUnlJLtJhzi6Bf3nR0YstfguN-oYImmkQp1i_yxpGUnt6wgspcAEvu-a06wEkgUECAQYAZIFBAgFGASgBgKAB8irsM0EqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQlfOeAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zMTA4NDg5NTkwMzkwNjAwGAA&sigh=Q8UTKhugCc4&uach_m=[UACH]&cid=CAQSGwBpAlJWVkToyIdev56RAH673v8znQfTSQWtmRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=9475764773&adk=3525961715&adf=1277868683&pi=t.ma~as.9475764773&w=300&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943853&bpp=26&bdt=730&idt=469&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C691x280&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=853&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=q2TaVP6MkZ&p=https%3A//www.officenewz.com&dtd=486
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Jul 2023 08:55:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3E0 179 KB
56 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:55:46 GMT

GET
H3 200 img3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/images/ Frame 634A 28 KB
28 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/images/img3.jpg

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85899fa14d3302741a9d1f491016c429de37073b94a209de510d609b5699f9df

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 12 Jul 2023 09:04:20 GMT
x-content-type-options: nosniff
age: 172286
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28484
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 06:16:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 Jul 2024 09:04:20 GMT

GET
DATA 200
OK truncated
/ Frame E3E0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a85fff1c7904f1940f4b487222ee56421642fed0a52e424a5f0d33677f3fb57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D331
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

113ms
113ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:47 GMT
expires: Fri, 14 Jul 2023 08:55:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC2F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
30ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:47 GMT
expires: Fri, 14 Jul 2023 08:55:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v28/ Frame 946C 20 KB
20 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v28/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular|Arimo:regular,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:27:03 GMT
x-content-type-options: nosniff
age: 52124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:54:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2024 18:27:03 GMT

GET
H3 200 img4.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/images/ Frame 634A 36 KB
36 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/images/img4.jpg

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a53bea242f72c45e2ab0b7cf2499b7af9d5d64cc7729940b179b7a98397ea69d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 14 Jul 2023 06:46:32 GMT
x-content-type-options: nosniff
age: 7755
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36793
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 06:16:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Jul 2024 06:46:32 GMT

GET
H3 200 logo-image_4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/ Frame 946C 3 KB
3 KB 23ms
23ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/logo-image_4.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3f55d52e9b2df0f21d26e6f32f8266eb5dd702f03f44e52127514d539abcf60

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 08:31:12 GMT
x-content-type-options: nosniff
age: 519875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3469
x-xss-protection: 0
last-modified: Mon, 08 May 2023 14:58:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 08:31:12 GMT

GET
H3 200 product-image_4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/ Frame 946C 122 KB
122 KB 23ms
23ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/product-image_4.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dab6301d8bb2f355f676bbd2755549d01bcc2d6fab04e5f8378738579119f535

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 09 Jul 2023 00:26:33 GMT
x-content-type-options: nosniff
age: 462554
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124968
x-xss-protection: 0
last-modified: Mon, 08 May 2023 14:58:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Jul 2024 00:26:33 GMT

GET
DATA 200
OK truncated
/ Frame 946C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 product-image_4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/ Frame 946C 122 KB
122 KB 21ms
20ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/product-image_4.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dab6301d8bb2f355f676bbd2755549d01bcc2d6fab04e5f8378738579119f535

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 09 Jul 2023 00:26:33 GMT
x-content-type-options: nosniff
age: 462554
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124968
x-xss-protection: 0
last-modified: Mon, 08 May 2023 14:58:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Jul 2024 00:26:33 GMT

GET
H3 200 logo-image_4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/ Frame 946C 3 KB
3 KB 22ms
21ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/logo-image_4.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3f55d52e9b2df0f21d26e6f32f8266eb5dd702f03f44e52127514d539abcf60

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 08:31:12 GMT
x-content-type-options: nosniff
age: 519875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3469
x-xss-protection: 0
last-modified: Mon, 08 May 2023 14:58:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 08:31:12 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F52A 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss849BStu2NcpulVgn4KWp0YbZsvofZrpQzUFjEtSCPN8KLXMLm6LLg2ICZYpYo7HTuK15n4QB91S_NOhMCXzR4yukuUcF_ALULNI38MBrQ5WzAMHBFCol31oLfNwcyeIMtx-QIZ8Nn1MlS&sai=AMfl-YS5zGrFgkT6hIxTNeeNvCvVMrhn_pSJ8sebuvFQWxaTN1lP7RqEQbcng23Y7hLQ3Bpr36lDRmbalnFY&sig=Cg0ArKJSzFXRmeWSbsKnEAE&cid=CAQSGwBpAlJWhzU_PuLJuVGA2R5T1Y37Dj_jouk2wBgB&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=0.92&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689324945455&rpt=951&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E3E0 0
19 B 65ms
64ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbYKxkA2xZJ_SO8nZ6gTBmKq4CqmHqahvyc2LuL4Rv9vEjMoqEAEggM_8PGCV-vCBjAegAcqP1PQCyAEJqQJia9Uk_tiyPqgDAcgDAqoE7wJP0AwD8Iie1QrFu_vxBADhSuIejkD2vcJmQjeGv81eXme05hcikxBKWoS5QJYary23__qMwrBsac6-_jTUXr_03qSe1lJWXqTdUI-Xg27Kdkgt5GzdDNq-yryHMuIvaDBdFZE3xy_s94Hf9z6AelWLgd9LGFBDlW8A8wVdtAn2uBxxJauS00X_7qCYPKWC6_ClYrH73FqomHAmLLQAS0CHqp15FMWdVXQwQbwmBQNta1OMHLzeC144ivYe2gfQ71z-FiWNoW1SClWY6hm9qeGRgRPmzQObgb2FBza38HzVHZl4eJ-_XE9KFnwdy5UJyVgzoymbRGUVY39bdzyKgtrOZSLbr0vPU-c-tgKu5Efq-jNB5Deq6Bkn33HT8MkUKdHVP63CE-Mva1NcCTj2cPRdOg5Z3BXqgUWlq8a7M4_tTdapT8DptXvM7ea_rrcS75X3Y06-MiQtmVnTKGr9CHnVeaqq2KuaZFcBXySsyAxXwATbo_uErgSSBQQIBBgBkgUECAUYBKAGXYAHnvCriwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCCgj7SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTMxMDg0ODk1OTAzOTA2MDAYAA&sigh=zhIT0zTAZKM&uach_m=[UACH]&cid=CAQSSwBpAlJWk6BPptUHcusjZECGETkc74HG-YQhtTp154asMol9JqFoBovIjOBCI-emVOHhskzyB8iQL6C-7A-Eg1j4bnE8zdGRYuyxGxgB&cbvp=2&vis=1

Requested by

Host: www.officenewz.com
URL: https://www.officenewz.com/2023/07/08/income-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=1636380777&adk=1147478793&adf=2472227065&pi=t.ma~as.1636380777&w=300&lmt=1689324944&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943955&bpp=5&bdt=832&idt=418&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1200&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=nDhWUGiTiD&p=https%3A//www.officenewz.com&dtd=443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Jul 2023 08:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 83ms
82ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b6e15924390d321ded01876c76825b6a67971305dbbd7af05d02d47e7c02cd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11914
x-xss-protection: 0

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 7005 37 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 13:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 13:29:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 08:55:47 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1F93 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOHFgsMPTxAaKwEPD7WPC2MplLiP06N5X-R2eU8xi_UhJ88acxcCrjUx3plY5C4SHZDbAxNVlhzAnL-p62mBTv8Nf_as44eoGAVMLIzQGm49R8dMHocHewpXVVqzKcdg9dwcqSI-j5bOYO&sai=AMfl-YS_6eyuXG5R-T-sRaqrbrQBe893YQjHAnOuYouLeb0e6wxHy6G5muV0k11r4Jb47dWvcY9GO0lkPWLz&sig=Cg0ArKJSzC3lGSFbY6IrEAE&cid=CAQSGwBpAlJWMcno04sHX7_d7z_IntSxU3zhLwANSRgB&id=lidar2&mcvt=1062&p=0,0,280,1200&mtos=1062,1062,1062,1062,1062&tos=1062,0,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=914169798&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689324944284&rpt=2467&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CB7F 13 KB
5 KB 27ms
22ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officenewz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:41:09 GMT
expires: Sat, 13 Jul 2024 08:41:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9386 783 B
534 B 35ms
31ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eee1a05ca284e563fcddebfd89f58af63888a988ee9b884454de00c841cb1adf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PtAK4cuXbvT1tAl-g1Y72w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.officenewz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-PtAK4cuXbvT1tAl-g1Y72w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:55:48 GMT
expires: Fri, 14 Jul 2023 08:55:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame CB7F 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 13:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 13:29:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9386 0
0 56ms
55ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=4326317174930108&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E3E0 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvkvMHd-7rhNzStkpJAKSpn9EYigtktOv68ruzVCqhGpyhEeAwWwyvuZHMf2EavTEvNWrptCgOkjpdAtyD5s4-iNwS_XqZ0keLjOnZ3aEXsnTo2S5_IKieGgz4_Kbka9r_BdxS6iDQj-Kd_hZ5alLHbJ1DJMRgbt78r2agExU&sai=AMfl-YSWZu1QZFV3-BsXuPiSlMcD_4o9CX0WUxAShbXQ0tO1x7sjOMRACx1yR4RKbHJoWuAkt0CtshSFamp2peCz7YdPNM-w8JRr6v4-jKdL08ubnYRm2uKqkAbSiGhjtkg7ZgyqGyqvK1yKoih9&sig=Cg0ArKJSzOUpJWXG78rcEAE&cid=CAQSSwBpAlJWk6BPptUHcusjZECGETkc74HG-YQhtTp154asMol9JqFoBovIjOBCI-emVOHhskzyB8iQL6C-7A-Eg1j4bnE8zdGRYuyxGxgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=2&adk=1147478793&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689324944454&rpt=2759&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:55:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CB7F 0
12 B 24ms
19ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pC8oMQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:55:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
68ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=4326317174930108&bg=!LC-lL3vNAAb90kgr3dI7ADkAdvg8Wrol-uxpCR2G2BIZGuNHGuOhbm9kigxRhfykzggdcVVPAzUoOozGNXrtzZiTPhJAc0JlKWoCAAAA11IAAAATaAEHCgAzOL18vtVXVGbcZehsG56OovCW3r3JNX7J1HkhU57IxPDM6jLB9oif6LJIZF6m_Q8DTk4qmQKuuKIHpbI32FwHkxTAbeRmq9gIsdM2anVYH18R88fCTZ1FbzUILPH0ahwqvEu8WbReAqmqPUEUHwvVQ33UFhs7eI1SOs5zf3MHJ8IoV8CqTPDuHMZ-LIK-JqCL3G9fEglh7WhZ5oP8ioT0JKo3_e77Wn1SlMsRdeKvaT7ST7DwaTI1W9pQQbF8okbK1k5FXInpuGp3VhKQKda1pNiV5n3wKz25A6OfjVlYGhAC0WWNf4z4BEZc8snlMQL6o57X_S31MOszaazgBW4OCgzIo8D4CjZY_bdQseEYZvITerOOMj9RRC_tteOsMB9jLwp_kzcHuR2Sy8v97ZRh6GlLihEQakuyhvfVLEDbsHTPv3o4sAwEq-YVm1lO-ar_n8EOgSDufpbBe3_wEzGcYSTZaL-GyxYehAzq-ccBAoAuWGGe5II273Aw07TBmBk4koT-pUGHe-KCrAqXVOT_IlKoTXvHc2pk67dcapkRIqYjLMaDzSoXrEpkVfdgnP0wsZbj-164FL8A_ZWE4hloFrJtPwgHFIOAwr-rzeRARHblcMQkAHguyiuAcFt3yANPmA65e2ICm6QKAbaRvM0WhLByMb2l2hG_1gAPUO9nJy1wskyPFKvjZsks6tiW6rbgpbvLdztUTZQTb0SIbBHmYNACujcbwrSjslMsyrBF7VhECuyj4emH1hvTbXqwnvZQo-jHgX-O6X5rTcB5JTiz_CqqIjDcZonjfOu-GJgW0z2oDRkxQDSuj2H19029n9uQnYkdRfxjQc-Y5FFpPdd14ndMRNWDuRD_7doRcvJEP4qDs36rz6gbin4uSooZ4VRUyx1CqDDh3xBLPs4Ez5g6C7Z6n2Ws3DRKkrpIDPDaa_uUoCRs35LC0Sz_7NTmlTeO-FtEWxMtyRjEgVOQ-nztem78eAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officenewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=9475764773&adk=3525961715&adf=1277868683&pi=t.ma~as.9475764773&w=300&fwrn=4&fwrnh=100&lmt=1689324944&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943853&bpp=26&bdt=730&idt=469&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C691x280&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=853&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=q2TaVP6MkZ&p=https%3A//www.officenewz.com&dtd=486

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3108489590390600&output=html&h=600&slotname=1636380777&adk=1147478793&adf=2472227065&pi=t.ma~as.1636380777&w=300&lmt=1689324944&format=300x600&url=https%3A%2F%2Fwww.officenewz.com%2F2023%2F07%2F08%2Fincome-tax-refund-now-quickly-check-your-tax-refund-status-in-simple-way-a-step-by-step-guide%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689324943955&bpp=5&bdt=832&idt=418&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D53ec974e4ec648e9-22b7c93529de003f%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ&gpic=UID%3D00000cbf0bccbc0b%3AT%3D1689324944%3ART%3D1689324944%3AS%3DALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA&prev_fmts=0x0%2C1200x280%2C691x280%2C300x600&nras=1&correlator=1529038258519&frm=20&pv=1&ga_vid=1272552892.1689324944&ga_sid=1689324944&ga_hid=465791507&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1200&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C31075630%2C44759876%2C44759837%2C44759927%2C42532277%2C31075645%2C31075814%2C31075850%2C31076126%2C44788442%2C44796476%2C31076085&oid=2&pvsid=4326317174930108&tmod=1013321080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=nDhWUGiTiD&p=https%3A//www.officenewz.com&dtd=443

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.officenewz.com/	1970-01-20 22:51:24	Name: _ga_50RQT34CCD Value: GS1.1.1689324943.1.0.1689324943.0.0.0
.officenewz.com/	1970-01-20 22:51:24	Name: _ga_2K7D21X7VX Value: GS1.1.1689324944.1.0.1689324944.0.0.0
.officenewz.com/	1970-01-20 22:37:00	Name: __gads Value: ID=53ec974e4ec648e9-22b7c93529de003f:T=1689324944:RT=1689324944:S=ALNI_MZ_mcsuBTtWPnUWLhrAmQZPdmdNzQ
.officenewz.com/	1970-01-20 22:37:00	Name: __gpi Value: UID=00000cbf0bccbc0b:T=1689324944:RT=1689324944:S=ALNI_MbtMaC8OHNx4Crq3D2C9pIMwhxedA
.officenewz.com/	1970-01-20 22:51:24	Name: _ga_ERGFG1RSZX Value: GS1.1.1689324944.1.0.1689324944.0.0.0
.officenewz.com/	1970-01-20 22:51:24	Name: _ga Value: GA1.2.1272552892.1689324944
.officenewz.com/	1970-01-20 13:16:51	Name: _gid Value: GA1.2.831699349.1689324945
.officenewz.com/	1970-01-20 13:15:25	Name: _gat_gtag_UA_102452714_2 Value: 1
.doubleclick.net/	1970-01-20 22:37:00	Name: IDE Value: AHWqTUn7vY7In1-NGT0VB8e2LChAr5uRAheBCmK2HLte2Z-YpfBIMXLg8_gxuNKl3Nc
.doubleclick.net/	1970-01-20 13:15:28	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 13:15:25	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14107503114101327623/728x90.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.news18.com
malingindia.com
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s0.2mdn.net
secure.gravatar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.officenewz.com
googleads.g.doubleclick.net
2001:4860:4802:34::36
2606:4700::6812:bcf
2a00:1450:4001:806::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:400c:c0c::9b
2a02:26f0:3100::1735:28c2
2a04:fa87:fffe::c000:4902
2a06:98c1:3121::3
45.56.94.62
00152548ef3a6b663c0f90d66a487ffb6ac23bdf03184cff707ba4bbc98d40b7
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
03dd4b22b7c6c6841f1df803d60d9a56a0b794c8f28b71705dfbb4ad052538d3
0b3aa1ac355445043a17071f96e373137ae3203b05c43faa2595003555dcae9a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1c32d13b5f30a647306be5fc45aa71584dab819e3f21bc456aa714b01b3529b5
1dd63824a6304e84f5ac8549da2750d150a0eb24c50960dd83e08a63d5a97f21
207462218be622970d19183d841132a0408f8af7de0deb69f8f0b18fabf63f18
20dcf0525b0cc326516bcea52aa519cc3b3aab21bf581a20b7a4b5c9cb8ece9a
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba
23741e8bccb16b02146f85d0d950b0a573a5e7d420fd092c0405b86479ea5d6a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
39203075ce635df44665631d87b8d2a39c958d89a5f3cb6b48b291cec0073ed2
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa
3e8674824a397d31888df8fcfe8eb678b2a4445a04b516adeb4b7499b6d35a17
3e9148898afa934127e4099406b034770f1979aef90cfa048e090d1ae4542cc0
3eac8050e1a4ab09579c3f6c1fbf408e308a93a72550906125cb930fbd3d1067
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4b6e15924390d321ded01876c76825b6a67971305dbbd7af05d02d47e7c02cd7
4ca68dcdd0072e71bb225f292f922a01d20ebb67444a7fffa6bc487b15379157
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d4e40dbd70cabc6f71a1d96f9a21284773a99fa54fbb02bad88fe5e48b02171
4e18d7f1a9bfef897a250d2e1c44a88233e854048b00e35afde4b208f6d81d19
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
532491cd25fc1b4c407d008b8314961b3b14f057c44f7b15bddacbae1378f3aa
5421d88245220e2c1bef2ac3c140426476dbc3a219d1f24bc5ad5da0e6445782
545bfd8b2f6cdff3bee2b882cd30c9bc1c824640269ec75d644ee1bfab178455
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56547e8e0713fe16d2319c2a5e6f10d665c33be38a34dd244824841e7d9f9290
5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527
5c159cb52f2e5989f320bde869a5582e2b4d0fcf773653c9130bf9c2a54e11de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c79118b448fb2f78d015a4df5531e8f42d47df7fa3e52529b2517341f012393
5d5257721f9d01aeb7ba374a9c17258e61b43f0fa9426fe4fa793ef18efc131f
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6106a7af3cf4816b71cd30f81ade3579401b393f99e10e09ccde1d656a60a110
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6416173db010b2ea633566aeea00b741dad219d12846e2409202a9594a8db34c
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6956d2bcf831148b894f41749b6c1d6c2ce9a03aff163c7460429de1b4baf10b
6bc6e28f1351c482cea5842a10ce0a213a13cb7b648f63099a7e6c26fafeb575
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70d643f2ebea27fbd24e299bf426f5f145da9162612cfc32521fecd43df75572
71d63d53b7d5a5cbe384fc215412267bd8397371a835accca370b568e91b4924
763c74bba2e0c59ddd45212b6ded068a2c10d7c6a7268440391d95817592f335
780f5d287e0ada139361db31f0ca26d964e3851c0ac5153e29d7aeccb92abda3
7a85fff1c7904f1940f4b487222ee56421642fed0a52e424a5f0d33677f3fb57
80fa9e343d11e244935a34793d36838d9675bc88c1fe148581af7fb9d33dfc0f
8150b93c61dc109cc48064ba23fd164f0d1e7a9155b5f77d3f5b9c02c27c0b1f
8297a8e1175addbb63a9270cf155682fbc3b02bb0426711ba41f06d549b6ca4b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85899fa14d3302741a9d1f491016c429de37073b94a209de510d609b5699f9df
86275d12713a35a1c5396617d0555293c9e93e966586de4612d08fcedff88b33
8f79a570d7e579e1e1218706e1666a9371f5ab377133f08b98515201c9442230
90dde1617c40024f039f13971561a4441f0c67d5fc064570896da86060e9d42e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a173eb5e826c014df7115d0e70bf4aab8698511b648c405512ff0b060da1fce
9b9d19e30258db9f050f9347a68b17ca8d734448e9499c0e0e917892fb132375
9f4a6ebd21acfecb59ecf8cd0cfbcb99d160f98f286e786aedf23a73d116928f
9f8fafce4e2719cd2f20fbcf269ee0e636ad4736f34b6f68f8d9ea23a4808507
9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13ca0331b4d76861951b80ada10a8071b4e2d1f9407e38390ff392817ab71d3
a3f55d52e9b2df0f21d26e6f32f8266eb5dd702f03f44e52127514d539abcf60
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
a53bea242f72c45e2ab0b7cf2499b7af9d5d64cc7729940b179b7a98397ea69d
a57c63d92cf903a205f248115324f57c90a5f9e4a800f1a00a685c14a1ac74da
a6596c76db554d20141e25d1b2ee55bba68a67a28ec149559fd252e8f1172d18
a6d2ed906a0ba03d856b39e81a56898885de82c0daacb15403c4c72c173e0a66
a85ef6aa5e0512bdd5835bb4d2f753215bc6422cd57260d32f64a0158f5c9454
a9d0d01c5b751f6e8ab7d46d384bfbaaf973a2fc907842d1a756a91cb4800969
aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af5a9628858b383c6257068c476c25b5a8a6421b686a349a828c47f526e7f877
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1a3f0ba14a3a1c8856cef9ebac408ebd8a8ca0e9d5786cc4e0b023d72c2a736
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
b7df479e97de27dd08d91229b83ef7baa3ea0e847edfb9ab1e32544ea5baf9c3
b940fa74f334dd3f0f5007836a25adb364492a222c81e3242e00e98bc49b7cb8
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc275fe3bebee4832abe58fc297851607d1b319c37ce9168770cbd5139351496
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c105718322639113b348efc122bee30460c6f605bd5f432c72a37d66fcb71071
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c54bae6476edbf336233a13c398686607f59f7bc1344a61e5d0ec0f5435d97d2
c6fc8040057d07b4ba325113cedebae1f6895da7ce0b2d7b8ad89d012dbf5fce
caf56b29f6caf555878527c99f255af107d0dce8a4db1ecec6911b2e0b1ca12c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7f986fc5267e837b7f9a51b4775dbef0fb6bd7f327796a0ccfa17c4cacf0b41
dab6301d8bb2f355f676bbd2755549d01bcc2d6fab04e5f8378738579119f535
dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df5832bfdfd15feadf7d012b80cb41b1d3d6a681c09447dd2172d4dbb875e11e
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2025b09d0c4e19196c50c04bec17aa2599fbbe3066a6998225c494ebfedc057
e30856e7613247c38c22c552f09e724c6b35a8d9e9d6c52a7511aa8f1ac1c023
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d753089ae6bdebf39c738d8328385bb35cfc0e0f09af329b8c943737e6089d
e722c828490f28ca9c6cdd734282ba25c29f965ce53898540bb659bc8469f2db
ec626d1355ef5d84689c88b2ec9e383fa16b0be9c068fe5fc913be061542edbc
eee1a05ca284e563fcddebfd89f58af63888a988ee9b884454de00c841cb1adf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efed8117b5a3710f3c20afa0d4d955c41d16e82d995f2f02e6b18d3cd6855ece
f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d
f42b678caa9fda649286760619b2d9b761d7e73d53e88b0bda1f134df7309c5d
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
f92dfcb7eb348582c2b8951adb31c7f55b1f11e9d2d6f751850f2e287d096eed
f9392e056c80a91a667c47a0065d95b167453ac9e14ad9744a6b154b5359a559
fa5065ea0977320077a8ea25eeed60f3b0b30abd1e15f9c6d81e6243961e0815
fabf81f862d38c081c4fd81eaa53d4b49bfa6ad3222932f564354db82cccb3d9
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffafe82253a25e01fcbc7ac66aa82fbf08208d29876d706056124faede2fe13a

www.officenewz.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

193 Requests

99 %HTTPS

95 %IPv6

16 Domains

21 Subdomains

20 IPs

4 Countries

3547 kBTransfer

8061 kBSize

11 Cookies

8 Outgoing links

Page URL History

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.officenewz.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

99 %
HTTPS

95 %
IPv6

16
Domains

21
Subdomains

20
IPs

4
Countries

3547 kB
Transfer

8061 kB
Size

11
Cookies

193 HTTP transactions
11 data transactions