www.publinews.gt Open in urlscan Pro
49.12.125.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.publinews.gt/gt/
Submission: On November 29 via manual (November 29th 2021, 4:16:09 am UTC) from GT — Scanned from DE

Summary HTTP 421 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 85 IPs in 12 countries across 72 domains to perform 421 HTTP transactions. The main IP is 49.12.125.168, located in Altrip, Germany and belongs to HETZNER-AS, DE. The main domain is www.publinews.gt.
TLS certificate: Issued by R3 on September 30th 2021. Valid for: 3 months.

This is the only time www.publinews.gt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
70 180	49.12.125.168 49.12.125.168	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
4	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
3	64.227.27.145 64.227.27.145	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
22	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	143.204.96.118 143.204.96.118	16509 (AMAZON-02) (AMAZON-02)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
15	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.34 143.204.98.34	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:191::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.98.17 143.204.98.17	16509 (AMAZON-02) (AMAZON-02)
1	3.20.177.195 3.20.177.195	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4 11	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
4 9	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
9	144.76.115.197 144.76.115.197	24940 (HETZNER-AS) (HETZNER-AS)
2	5.178.65.253 5.178.65.253	50673 (SERVERIUS-AS) (SERVERIUS-AS)
19	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.212.173.197 3.212.173.197	14618 (AMAZON-AES) (AMAZON-AES)
2 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
6	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
5 5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1	2600:1f18:659... 2600:1f18:6593:f607:1e48:63e3:baf2:55da	14618 (AMAZON-AES) (AMAZON-AES)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2a05:d018:24:... 2a05:d018:24:b001:6cd5:9d52:6dd6:6c58	16509 (AMAZON-02) (AMAZON-02)
2 2	52.215.136.198 52.215.136.198	16509 (AMAZON-02) (AMAZON-02)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
1	89.163.159.106 89.163.159.106	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	34.249.68.36 34.249.68.36	16509 (AMAZON-02) (AMAZON-02)
1 1	3.120.52.200 3.120.52.200	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	52.208.185.108 52.208.185.108	16509 (AMAZON-02) (AMAZON-02)
1	168.119.79.223 168.119.79.223	24940 (HETZNER-AS) (HETZNER-AS)
3 3	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	107.20.192.231 107.20.192.231	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.94.222.140 52.94.222.140	16509 (AMAZON-02) (AMAZON-02)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	54.76.140.148 54.76.140.148	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:ea00:18:e253:91c0:21	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.104 143.204.98.104	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
36	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
3	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	52.73.70.207 52.73.70.207	14618 (AMAZON-AES) (AMAZON-AES)
1	54.146.189.157 54.146.189.157	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
4	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4 5	3.122.145.244 3.122.145.244	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1	3.212.101.249 3.212.101.249	14618 (AMAZON-AES) (AMAZON-AES)
4	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.29.208.72 52.29.208.72	16509 (AMAZON-02) (AMAZON-02)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	18.193.230.138 18.193.230.138	16509 (AMAZON-02) (AMAZON-02)
2 2	52.50.109.234 52.50.109.234	16509 (AMAZON-02) (AMAZON-02)
1	176.34.151.72 176.34.151.72	16509 (AMAZON-02) (AMAZON-02)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	185.86.137.122 185.86.137.122	201081 (SMARTADSE...) (SMARTADSERVER)
1	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	99.80.191.196 99.80.191.196	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.124.43.130 3.124.43.130	16509 (AMAZON-02) (AMAZON-02)
1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	69.173.144.158 69.173.144.158	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.83.97.117 54.83.97.117	14618 (AMAZON-AES) (AMAZON-AES)
1 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3	2800:3f0:4001... 2800:3f0:4001:822::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:400e:5::8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:3a2a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
421	85

180 49.12.125.168 (Altrip, Germany) 70 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.168.125.12.49.clients.your-server.de

www.publinews.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.publinews.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

i.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.227.27.145 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

adserver.latinon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.96.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-96-118.fra50.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-34.fra50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:191::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-17.fra50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.20.177.195 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-177-195.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 5.178.65.246 (Woerden, Netherlands) 4 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 144.76.115.197 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.197.115.76.144.clients.your-server.de

publinewsgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.253 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.173.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-173-197.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.178.65.245 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f607:1e48:63e3:baf2:55da (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:6cd5:9d52:6dd6:6c58 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.136.198 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-136-198.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Erba, Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.81.244 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.163.159.106 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.68.36 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.52.200 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-52-200.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.185.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-185-108.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.192.231 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-192-231.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.222.140 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.140.148 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-140-148.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:ea00:18:e253:91c0:21 (United States)

ASN16509 (AMAZON-02, US)

dkae4asr0dphj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

vast.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.73.70.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-70-207.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.189.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-189-157.compute-1.amazonaws.com

gov.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.122.145.244 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-145-244.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.101.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-101-249.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

video-ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.208.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-208-72.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.193.230.138 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-230-138.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.109.234 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-109-234.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.151.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-151-72.eu-west-1.compute.amazonaws.com

s.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.161.21 (Netherlands) 2 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.122 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.191.196 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-191-196.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.43.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-43-130.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.158 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

beacon-nf.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.83.97.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-97-117.compute-1.amazonaws.com

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2800:3f0:4001:822::2003 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:5::8 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

rr3---sn-5hne6nsk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:3a2a (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
180	publinews.gt 70 redirects www.publinews.gt static.publinews.gt	4 MB
46	twimg.com cdn.syndication.twimg.com pbs.twimg.com abs.twimg.com ton.twimg.com	1 MB
40	doubleclick.net 4 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net Failed pubads.g.doubleclick.net	191 KB
19	zeotap.com spl.zeotap.com mwzeom.zeotap.com	5 KB
19	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	124 KB
18	aniview.com vast.aniview.com player.aniview.com track1.aniview.com gov.aniview.com sync.aniview.com	228 KB
17	googlesyndication.com 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	90 KB
15	e-planning.net 4 redirects i.e-planning.net ads.us.e-planning.net s.e-planning.net u-ams02.e-planning.net	37 KB
14	2mdn.net s0.2mdn.net	554 KB
12	rubiconproject.com 1 redirects video-ads.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com prebid-server.rubiconproject.com token.rubiconproject.com beacon-nf.rubiconproject.com optimized-by.rubiconproject.com	45 KB
9	publinewsgt.com publinewsgt.com	510 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	214 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	88 KB
7	advertising.com 4 redirects pixel.advertising.com ads.adaptv.advertising.com	2 KB
7	google.com adservice.google.com www.google.com	2 KB
7	google-analytics.com www.google-analytics.com	20 KB
6	yahoo.com 2 redirects cms.analytics.yahoo.com ups.analytics.yahoo.com	2 KB
6	google.de adservice.google.de www.google.de	2 KB
6	navdmp.com tag.navdmp.com usr.navdmp.com cdn.navdmp.com sync2.navdmp.com sync.navdmp.com	6 KB
6	googletagmanager.com www.googletagmanager.com	220 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
5	adsrvr.org 5 redirects match.adsrvr.org	3 KB
5	teads.tv a.teads.tv s8t.teads.tv t.teads.tv	133 KB
5	googleapis.com fonts.googleapis.com imasdk.googleapis.com	359 KB
4	onetag-sys.com onetag-sys.com	3 KB
4	tapad.com 3 redirects pixel.tapad.com	2 KB
4	googletagservices.com www.googletagservices.com	136 KB
3	1rx.io 2 redirects sync.1rx.io tag.1rx.io	2 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net	1003 B
3	krxd.net 1 redirects beacon.krxd.net usermatch.krxd.net	943 B
3	crwdcntrl.net 2 redirects bcp.crwdcntrl.net tags.crwdcntrl.net	13 KB
3	pubmatic.com image6.pubmatic.com ads.pubmatic.com	6 KB
3	latinon.com adserver.latinon.com	9 KB
2	googlevideo.com 1 redirects rr3---sn-5hne6nsk.googlevideo.com	707 KB
2	360yield.com 2 redirects ad.360yield.com	611 B
2	e-volution.ai 2 redirects sync.e-volution.ai	918 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	757 B
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	adtelligent.com 1 redirects s.adtelligent.com sync.adtelligent.com	1 KB
2	cloudfront.net dkae4asr0dphj.cloudfront.net	25 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com	1 KB
2	weborama.fr 2 redirects idsync.frontend.weborama.fr	671 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com	791 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	mathtag.com 2 redirects pixel.mathtag.com	1 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
1	fouanalytics.com api.fouanalytics.com	603 B
1	ytimg.com i.ytimg.com	30 KB
1	stickyadstv.com ads.stickyadstv.com	576 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	347 B
1	idealmedia.io cm.idealmedia.io	412 B
1	lentainform.com cm.lentainform.com	494 B
1	pubmine.com s.pubmine.com	286 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	543 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	215 B
1	bluekai.com 1 redirects tags.bluekai.com	346 B
1	richaudience.com sync.richaudience.com	361 B
1	mookie1.com odr.mookie1.com	324 B
1	agkn.com 1 redirects aa.agkn.com	381 B
1	theadex.com dmp.theadex.com	334 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	596 B
1	bemail.it 1 redirects bn01.er.bemail.it	659 B
1	exelator.com loadeu.exelator.com	324 B
1	fwmrm.net dmp.v.fwmrm.net	411 B
1	taboola.com trc.taboola.com	161 B
1	adform.net dmp.adform.net	331 B
1	adnxs.com ib.adnxs.com
1	audrte.com a.audrte.com	2 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	mailchimp.com cdn-images.mailchimp.com	2 KB
421	72

	Domain	Requested by
102	www.publinews.gt	70 redirects www.publinews.gt
78	static.publinews.gt	www.publinews.gt
35	pbs.twimg.com	www.publinews.gt
19	securepubads.g.doubleclick.net	www.publinews.gt www.googletagservices.com securepubads.g.doubleclick.net 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
16	mwzeom.zeotap.com	spl.zeotap.com www.publinews.gt
14	s0.2mdn.net	publinewsgt.com 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com s0.2mdn.net www.publinews.gt imasdk.googleapis.com
12	track1.aniview.com	www.publinews.gt player.aniview.com
11	ads.us.e-planning.net	4 redirects www.publinews.gt i.e-planning.net
9	cm.mgid.com	jsc.mgid.com www.publinews.gt s.adtelligent.com
9	publinewsgt.com	www.publinews.gt publinewsgt.com
8	googleads.g.doubleclick.net	player.aniview.com www.publinews.gt
8	pagead2.googlesyndication.com	www.googletagservices.com srcdoc www.publinews.gt tpc.googlesyndication.com
8	abs.twimg.com	www.publinews.gt
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	platform.twitter.com	www.publinews.gt platform.twitter.com
6	tpc.googlesyndication.com	14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com imasdk.googleapis.com tpc.googlesyndication.com
6	stats.g.doubleclick.net	www.google-analytics.com
6	www.googletagmanager.com	www.publinews.gt www.googletagmanager.com
5	x.bidswitch.net	5 redirects
5	pixel.advertising.com	4 redirects player.aniview.com
5	match.adsrvr.org	5 redirects
4	ups.analytics.yahoo.com	1 redirects www.publinews.gt
4	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com www.publinews.gt
4	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com player.aniview.com
4	onetag-sys.com	player.aniview.com
4	s-img.mgid.com	www.publinews.gt
4	pixel.tapad.com	3 redirects www.publinews.gt
4	www.google.de	www.publinews.gt
4	www.google.com	www.publinews.gt
4	cm.g.doubleclick.net	4 redirects
4	www.googletagservices.com	www.publinews.gt securepubads.g.doubleclick.net 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
3	csi.gstatic.com	imasdk.googleapis.com
3	pubads.g.doubleclick.net	imasdk.googleapis.com www.publinews.gt
3	player.aniview.com	dkae4asr0dphj.cloudfront.net player.aniview.com
3	sync-tm.everesttech.net	3 redirects
3	spl.zeotap.com	i.e-planning.net spl.zeotap.com
3	14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
3	fonts.gstatic.com	fonts.googleapis.com
3	adserver.latinon.com	www.publinews.gt adserver.latinon.com
2	rr3---sn-5hne6nsk.googlevideo.com	1 redirects www.publinews.gt
2	ad.360yield.com	2 redirects
2	sync.e-volution.ai	2 redirects
2	creativecdn.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	match.prod.bidr.io	2 redirects www.publinews.gt
2	ads.adaptv.advertising.com	player.aniview.com
2	video-ads.rubiconproject.com	player.aniview.com
2	sync.1rx.io	2 redirects
2	ton.twimg.com	platform.twitter.com
2	cdn.mgid.com	www.publinews.gt
2	syndication.twitter.com	1 redirects platform.twitter.com
2	dkae4asr0dphj.cloudfront.net	www.publinews.gt
2	aax-eu.amazon-adsystem.com	1 redirects www.publinews.gt
2	beacon.krxd.net	spl.zeotap.com www.publinews.gt
2	bcp.crwdcntrl.net	2 redirects
2	idsync.frontend.weborama.fr	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	image6.pubmatic.com	spl.zeotap.com ads.pubmatic.com
2	t.teads.tv	www.publinews.gt
2	ap.lijit.com	2 redirects
2	s.e-planning.net	i.e-planning.net
2	cms.analytics.yahoo.com	1 redirects www.publinews.gt
2	pixel.mathtag.com	2 redirects
2	adservice.google.de	securepubads.g.doubleclick.net
2	tag.navdmp.com	i.e-planning.net tag.navdmp.com
2	www.gstatic.com	www.publinews.gt
2	jsc.mgid.com	www.publinews.gt jsc.mgid.com
2	a.teads.tv	www.publinews.gt s8t.teads.tv
1	api.fouanalytics.com	player.aniview.com
1	i.ytimg.com	www.publinews.gt
1	optimized-by.rubiconproject.com	video-ads.rubiconproject.com
1	beacon-nf.rubiconproject.com	www.publinews.gt
1	sync.adtelligent.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	prebid-server.rubiconproject.com	player.aniview.com
1	ads.stickyadstv.com	player.aniview.com
1	tag.1rx.io	player.aniview.com
1	pixel.rubiconproject.com	www.publinews.gt
1	ssbsync.smartadserver.com	1 redirects
1	cm.idealmedia.io	www.publinews.gt
1	cm.lentainform.com	www.publinews.gt
1	s.pubmine.com	www.publinews.gt
1	secure-assets.rubiconproject.com	1 redirects
1	s.adtelligent.com	cm.mgid.com
1	ads.pubmatic.com	player.aniview.com
1	sync.aniview.com	player.aniview.com
1	sync.targeting.unrulymedia.com	1 redirects
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	jsc.mgid.com
1	gov.aniview.com	player.aniview.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	vast.aniview.com	dkae4asr0dphj.cloudfront.net
1	tags.crwdcntrl.net	s.e-planning.net
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	1 redirects
1	usermatch.krxd.net	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	ib.adnxs.com	spl.zeotap.com
1	u-ams02.e-planning.net	www.publinews.gt
1	a.audrte.com	i.e-planning.net
1	sync.navdmp.com	www.publinews.gt
1	sync2.navdmp.com	www.publinews.gt
1	cdn.navdmp.com	tag.navdmp.com
1	usr.navdmp.com	tag.navdmp.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.publinews.gt
1	certify.alexametrics.com	www.publinews.gt
1	s8t.teads.tv	a.teads.tv
1	certify-js.alexametrics.com	www.publinews.gt
1	cdn-images.mailchimp.com	www.publinews.gt
1	i.e-planning.net	www.publinews.gt
1	fonts.googleapis.com	www.publinews.gt
421	122

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
bit.ly
widgets.mgid.com
www.mgid.com

Subject Issuer	Validity	Valid
publinews.gt R3	`2021-09-30` - `2021-12-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
i.e-planning.net Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-03-06`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
adserver.latinon.com R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
cdn-images.mailchimp.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
publinewsgt.com Go Daddy Secure Certificate Authority - G2	`2021-04-01` - `2022-05-03`	a year	crt.sh
*.e-planning.net R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.audrte.com Amazon	`2021-01-26` - `2022-02-24`	a year	crt.sh
ads.us.e-planning.net R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.theadex.com AlphaSSL CA - SHA256 - G2	`2021-10-01` - `2022-11-02`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-07-26` - `2022-01-19`	6 months	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://www.publinews.gt/gt/
Frame ID: 2970DCD6F9A2555ED2A3846EDF374E1E
Requests: 250 HTTP requests in this frame

Frame: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9C8F787E09B0C977BC2E9FFF5153C401
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstN52UbS-IVaWN8d2ePigKoh-j9iR2gygkmgFKXgumnHGyO48E9lmea6zsu9EURfFIcCc2iLAr9Hb7iDGSIEyXGIG2mKKQQxOvPvB-bIimazs7bePL9HgLajX5qfscvpZV22YhCKtVYX1SR41qm_2qn7n8INEbvHNsxPm_QZ2WnvKxfFXkoEIx_Hhz4PCAMhrki3lGlqPXglHvmcvmGp4EdIn4nHHfDzJi2PZRINbE0rlYdi_kwwh9J0gm0NpCMQc3fxUr-JBd1GwqwKgbZDgRnGIwcOjLAN09rjN5yVLCT54bo3x5vzDxok9p0FKXSgd3srzCkRlKEgtOe9mZT&sai=AMfl-YTT7jpga0FuE5Yovh42sZKnNm3LXlTadKN356VAVVJWL9KLoGO2ZG6lNjdsDVRNdUcsiBaKly1mK6KGjIenLL_d72Mw_lgwVEqdq6uX5ilRZ-wWw7hVgHfIslceImz-&sig=Cg0ArKJSzPyYZVnyZTyLEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 55829333C5EF91CEDEC1C62F86C932D8
Requests: 6 HTTP requests in this frame

Frame: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
Frame ID: C83D686B65A439DB234B5F6E1673CDE7
Requests: 4 HTTP requests in this frame

Frame: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
Frame ID: 5357D24F1F91EFA0126214B2BB0E8563
Requests: 4 HTTP requests in this frame

Frame: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
Frame ID: 372ABA22D6D6DF6ED58F00F94EE1223D
Requests: 4 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361&cmp=0
Frame ID: D8DF964B354B36F49D6C24737EE5290A
Requests: 31 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.publinews.gt
Frame ID: 4FBF8953E71366D61B3EC3A7F169FBBE
Requests: 2 HTTP requests in this frame

Frame: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CA2B329955CD26C15B324442CC538DAE
Requests: 8 HTTP requests in this frame

Frame: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FAFA395A6A84557070A4C8B944A3E747
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/464412/61516332/1637989320058/header%20normal/index.html
Frame ID: E666B9317A4FF54440F1E406C8C496D5
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/464412/4895593409/1634144161824/dk/index.html
Frame ID: 963D1D250C0560DF6B203AE35308B5F8
Requests: 4 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Frame ID: B97FA69DF23C10ACB6E1CE8B891EECDE
Requests: 11 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1465161098072580096/NmUO3H0x?format=jpg&name=600x314
Frame ID: E8AD381AE2F2C4E16B03539A79999506
Requests: 52 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1638159361487526343772
Frame ID: EF98927C93B3D3C0EE6F8DFF65DBD74B
Requests: 1 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
Frame ID: FFD0279920EF8F6A85DD4B23AFA907A1
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1638159361041-926266246083-005649-001-002202&biddername=200&key=RX-b8f83d16-3377-43da-912a-e9a306a7188d-003
Frame ID: 8163D0DC660E39D8FD9747EB1F41FD3F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 884A6E6C429431E7CE70C363ED7B0EE8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638159361041-926266246083-005649-001-002202%26biddername%3D1%26key%3D
Frame ID: 2F9E95BD4F7358A38C6F5C2180F4D65F
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: DF76C6715DD419BA1C0B4BA0D84B2C95
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 5F2C57616881AC154C675FE6C5057F27
Requests: 3 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31037.js
Frame ID: 8AA12FC50074B91353C71DD8CE934376
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: 842651C06F4B68EE048ECD3D03EAF44A
Requests: 18 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 28F19D1F676785A44CA8A938ABFFDDEB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 36222EEF3F73BA89043315DF9B53D198
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1638159361609
Frame ID: C5E9F1D9C39171C80C120C439B8B4EEC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 14777F2546081590A9FC84A250F3BD52
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/simid/simid_trueview_en.html
Frame ID: 7728875C7C2C224AE496BA5F49B7C206
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 6467921F2517FF55EE50DB5DF763F609
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Noticias, Deportes y Espectáculos de Guatemala y el Mundo | Publinews

Page Statistics

421
Requests

74 %
HTTPS

32 %
IPv6

72
Domains

122
Subdomains

85
IPs

12
Countries

9493 kB
Transfer

14809 kB
Size

98
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/publinewsguatemala
Title: f

Search URL Search Domain Scan URL

URL: https://twitter.com/PublinewsGT
Title: t

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/PublinewsGuatemala
Title: y

Search URL Search Domain Scan URL

URL: https://www.instagram.com/publinewsguatemala/
Title: i

Search URL Search Domain Scan URL

URL: https://bit.ly/2NsKv08

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.publinews.gt&utm_medium=referral&utm_campaign=widgets&utm_content=1129387

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4147883/i/57463017/0/pp/1/1?h=tzRRekHRPG8lQT_7XKbR7iYMLw95eJngkVnik3q0Iuk8lmZEaMfs0yli7ykaDQ0L&rid=0fa498cb-50cb-11ec-b867-d094662c24f7&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/10839628/i/57463017/0/pp/2/1?h=tzRRekHRPG8lQT_7XKbR7tQEWCb-WoCUrojVaPtf7GHQRhNCj98wYhH6UdcRlOGp&rid=0fa498cb-50cb-11ec-b867-d094662c24f7&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805432/i/57463017/0/pp/3/1?h=tzRRekHRPG8lQT_7XKbR7kA8v7P09o6pmbnc9orBawrpGZ0tcn9pq4fItkle0zGL&rid=0fa498cb-50cb-11ec-b867-d094662c24f7&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805560/i/57463017/0/pp/4/1?h=tzRRekHRPG8lQT_7XKbR7o5v4QAfOoNI1DkAwsgBBhUG0EOtKc9MAIlZrYTgH2Y_&rid=0fa498cb-50cb-11ec-b867-d094662c24f7&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.publinews.gt/gt/wp-content/uploads/2020/06/svgpublinews.svg HTTP 301
https://static.publinews.gt/2020/06/svgpublinews.svg

Request Chain 62

https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?rnd=0.9218702018165441&e=adheader:300x250!/GT_PN/ad_header&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159359&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1--- HTTP 302
https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=adheader:300x250!/GT_PN/ad_header&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159359&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---

Request Chain 66

https://www.publinews.gt/gt/wp-content/uploads/2021/10/Skin.jpg HTTP 301
https://static.publinews.gt/2021/10/Skin.jpg

Request Chain 67

https://www.publinews.gt/gt/wp-content/uploads/2021/01/laboratorio-movil-salud-300x300.jpeg HTTP 301
https://static.publinews.gt/2021/01/laboratorio-movil-salud-300x300.jpeg

Request Chain 68

https://www.publinews.gt/gt/wp-content/uploads/2021/11/sergio-ramos-opina-sobre-messi-y-balon-de-oro-2021-publinews--300x168.png HTTP 301
https://static.publinews.gt/2021/11/sergio-ramos-opina-sobre-messi-y-balon-de-oro-2021-publinews--300x168.png

Request Chain 69

https://www.publinews.gt/gt/wp-content/uploads/2021/11/hombre-guatemala-miami-oculto-1-300x168.png HTTP 301
https://static.publinews.gt/2021/11/hombre-guatemala-miami-oculto-1-300x168.png

Request Chain 70

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Policia-remite-a-39-inmigrantes-de-distintas-nacionalidades-en-chiquimula-28-de-noviembre-2021-300x168.jpg HTTP 301
https://static.publinews.gt/2021/11/Policia-remite-a-39-inmigrantes-de-distintas-nacionalidades-en-chiquimula-28-de-noviembre-2021-300x168.jpg

Request Chain 71

https://www.publinews.gt/gt/wp-content/uploads/2021/11/aves-paci%CC%81fico-gt-2-300x168.jpg HTTP 301
https://static.publinews.gt/2021/11/aves-paci%CC%81fico-gt-2-300x168.jpg

Request Chain 72

https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?rnd=0.9218702018165441&e=ad300x2504:300x250!/GT_PN/ad_300x250_4&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1--- HTTP 302
https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=ad300x2504:300x250!/GT_PN/ad_300x250_4&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---

Request Chain 80

https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?rnd=0.9218702018165441&e=ad300x2502:300x250!/GT_PN/ad_300x250_2&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1--- HTTP 302
https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=ad300x2502:300x250!/GT_PN/ad_300x250_2&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---

Request Chain 81

https://www.publinews.gt/gt/wp-content/uploads/2021/08/coronavirus-guatemala-hospital-general-san-juan-de-dios-5-300x168.jpeg HTTP 301
https://static.publinews.gt/2021/08/coronavirus-guatemala-hospital-general-san-juan-de-dios-5-300x168.jpeg

Request Chain 82

https://www.publinews.gt/gt/wp-content/uploads/2021/08/coronavirus-guatemala-hospital-general-san-juan-de-dios-187x140.jpeg HTTP 301
https://static.publinews.gt/2021/08/coronavirus-guatemala-hospital-general-san-juan-de-dios-187x140.jpeg

Request Chain 83

https://www.publinews.gt/gt/wp-content/uploads/2021/10/vacunacion-en-menores-covid19-coronavirus-pandemia-guatemala-2021-187x140.jpg HTTP 301
https://static.publinews.gt/2021/10/vacunacion-en-menores-covid19-coronavirus-pandemia-guatemala-2021-187x140.jpg

Request Chain 84

https://www.publinews.gt/gt/wp-content/uploads/2021/11/conferencia-de-prensa-de-autoridades-del-Ministerio-de-Salud-y-Asistencia-Social-MSPAS-sobre-pandemia-covid-19-en-guatemala-23-de-noviembre-2021-7-187x140.jpg HTTP 301
https://static.publinews.gt/2021/11/conferencia-de-prensa-de-autoridades-del-Ministerio-de-Salud-y-Asistencia-Social-MSPAS-sobre-pandemia-covid-19-en-guatemala-23-de-noviembre-2021-7-187x140.jpg

Request Chain 85

https://www.publinews.gt/gt/wp-content/uploads/2021/10/pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-2-300x300.jpg HTTP 301
https://static.publinews.gt/2021/10/pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-2-300x300.jpg

Request Chain 86

https://www.publinews.gt/gt/wp-content/uploads/2021/10/pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-3-300x300.jpg HTTP 301
https://static.publinews.gt/2021/10/pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-3-300x300.jpg

Request Chain 87

https://www.publinews.gt/gt/wp-content/uploads/2021/11/bazar-naviden%CC%83o-sexta-calle-zona-1-1-300x300.jpeg HTTP 301
https://static.publinews.gt/2021/11/bazar-naviden%CC%83o-sexta-calle-zona-1-1-300x300.jpeg

Request Chain 88

https://www.publinews.gt/gt/wp-content/uploads/2021/11/PNC-zona-2-secuestro-300x168.jpg HTTP 301
https://static.publinews.gt/2021/11/PNC-zona-2-secuestro-300x168.jpg

Request Chain 89

https://www.publinews.gt/gt/wp-content/uploads/2021/11/vehiculo-volcado-atanasio-300x300.png HTTP 301
https://static.publinews.gt/2021/11/vehiculo-volcado-atanasio-300x300.png

Request Chain 90

https://www.publinews.gt/gt/wp-content/uploads/2021/11/accidente-zona-7-capita--187x140.jpg HTTP 301
https://static.publinews.gt/2021/11/accidente-zona-7-capita--187x140.jpg

Request Chain 91

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Carrozas-naviden%CC%83as-paseo-sexta-3-187x140.jpg HTTP 301
https://static.publinews.gt/2021/11/Carrozas-naviden%CC%83as-paseo-sexta-3-187x140.jpg

Request Chain 92

https://www.publinews.gt/gt/wp-content/uploads/2021/11/campan%CC%83a-fiestas-fin-de-an%CC%83o-juntos-nos-cuidamos-publinews12-187x140.jpeg HTTP 301
https://static.publinews.gt/2021/11/campan%CC%83a-fiestas-fin-de-an%CC%83o-juntos-nos-cuidamos-publinews12-187x140.jpeg

Request Chain 93

https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?rnd=0.9218702018165441&e=ad300x2503:300x250!/GT_PN/ad_300x250_3&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1--- HTTP 302
https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=ad300x2503:300x250!/GT_PN/ad_300x250_3&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=67786404953 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=67786404953&google_gid=CAESEC31VBbMeFhY2TSyziXdiCg&google_cver=1

Request Chain 96

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=b86e61a4-53ff-4000-b37d-cc4f52a4e882

Request Chain 104

https://www.publinews.gt/gt/wp-content/uploads/2021/11/bebe-tabla-snowboard-300x168.jpg HTTP 301
https://static.publinews.gt/2021/11/bebe-tabla-snowboard-300x168.jpg

Request Chain 105

https://www.publinews.gt/gt/wp-content/uploads/2020/12/covid-19-reino-unido-187x140.jpg HTTP 301
https://static.publinews.gt/2020/12/covid-19-reino-unido-187x140.jpg

Request Chain 106

https://www.publinews.gt/gt/wp-content/uploads/2021/11/elecciones-honduras-2021--187x140.jpg HTTP 301
https://static.publinews.gt/2021/11/elecciones-honduras-2021--187x140.jpg

Request Chain 107

https://www.publinews.gt/gt/wp-content/uploads/2021/11/terremoto-peru%CC%81-28-11-2021--187x140.png HTTP 301
https://static.publinews.gt/2021/11/terremoto-peru%CC%81-28-11-2021--187x140.png

Request Chain 108

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Cinta-amarilla-crimen--300x300.png HTTP 301
https://static.publinews.gt/2021/11/Cinta-amarilla-crimen--300x300.png

Request Chain 109

https://www.publinews.gt/gt/wp-content/uploads/2021/01/coronavirus-reino-unido-1-187x140.jpg HTTP 301
https://static.publinews.gt/2021/01/coronavirus-reino-unido-1-187x140.jpg

Request Chain 110

https://www.publinews.gt/gt/wp-content/uploads/2020/12/nueva-cepa-coronavirus-que-se-sabe-hasta-ahora-publinews-187x140.jpg HTTP 301
https://static.publinews.gt/2020/12/nueva-cepa-coronavirus-que-se-sabe-hasta-ahora-publinews-187x140.jpg

Request Chain 111

https://www.publinews.gt/gt/wp-content/uploads/2020/07/expertos-advierten-covid-19-podria-transmitirse-via-aerea-publinews-187x140.jpg HTTP 301
https://static.publinews.gt/2020/07/expertos-advierten-covid-19-podria-transmitirse-via-aerea-publinews-187x140.jpg

Request Chain 112

https://www.publinews.gt/gt/wp-content/uploads/2021/11/marcha-mujeres-mexico-2021-300x168.jpg HTTP 301
https://static.publinews.gt/2021/11/marcha-mujeres-mexico-2021-300x168.jpg

Request Chain 113

https://www.publinews.gt/gt/wp-content/uploads/2021/11/entrega-balon-de-oro-2021-publinews--640x640.png HTTP 301
https://static.publinews.gt/2021/11/entrega-balon-de-oro-2021-publinews--640x640.png

Request Chain 114

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Vinicius-414x232.jpg HTTP 301
https://static.publinews.gt/2021/11/Vinicius-414x232.jpg

Request Chain 115

https://www.publinews.gt/gt/wp-content/uploads/2021/11/resultado-partido-mictlan-vs-deportivo-mixco-primera-division-publinews--414x232.png HTTP 301
https://static.publinews.gt/2021/11/resultado-partido-mictlan-vs-deportivo-mixco-primera-division-publinews--414x232.png

Request Chain 120

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Db7805fed7af65f9c%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Db7805fed7af65f9c%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=b7805fed7af65f9c&uid=37fafbb702b8c854415d79b2

Request Chain 160

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-chechapaiz-150x150.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-chechapaiz-150x150.jpg

Request Chain 161

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-giovannifratti.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg

Request Chain 162

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-josesanabria.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-josesanabria.jpg

Request Chain 163

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-julissamartinez-150x150.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-julissamartinez-150x150.jpg

Request Chain 164

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-luisvalenzuela.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg

Request Chain 165

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-mariaace%C3%B1a.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg

Request Chain 166

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-nelsonleal-150x150.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-nelsonleal-150x150.jpg

Request Chain 167

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-paolarivano.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-paolarivano.jpg

Request Chain 168

https://www.publinews.gt/gt/wp-content/uploads/2021/11/resultados-semifinales-ida-primera-division-publinews-3-414x232.jpg HTTP 301
https://static.publinews.gt/2021/11/resultados-semifinales-ida-primera-division-publinews-3-414x232.jpg

Request Chain 169

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Coban-Municipal-apertura-2021-3-640x640.jpeg HTTP 301
https://static.publinews.gt/2021/11/Coban-Municipal-apertura-2021-3-640x640.jpeg

Request Chain 170

https://www.publinews.gt/gt/wp-content/uploads/2021/11/victoria-del-PSG-5-414x232.jpeg HTTP 301
https://static.publinews.gt/2021/11/victoria-del-PSG-5-414x232.jpeg

Request Chain 171

https://www.publinews.gt/gt/wp-content/uploads/2021/11/encanto-disney-300x168.jpg HTTP 301
https://static.publinews.gt/2021/11/encanto-disney-300x168.jpg

Request Chain 172

https://www.publinews.gt/gt/wp-content/uploads/2021/11/ricardo-arjona-publinews-187x140.jpg HTTP 301
https://static.publinews.gt/2021/11/ricardo-arjona-publinews-187x140.jpg

Request Chain 173

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Irina-Baeva-187x140.jpg HTTP 301
https://static.publinews.gt/2021/11/Irina-Baeva-187x140.jpg

Request Chain 174

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Dannia-Guevara-1-187x140.jpg HTTP 301
https://static.publinews.gt/2021/11/Dannia-Guevara-1-187x140.jpg

Request Chain 175

https://www.publinews.gt/gt/wp-content/uploads/2020/09/lobo-vasquez-festeja-no-estara-memo-ochoa-en-partido-mexico-vs-guatemala-publinews-2-300x300.jpg HTTP 301
https://static.publinews.gt/2020/09/lobo-vasquez-festeja-no-estara-memo-ochoa-en-partido-mexico-vs-guatemala-publinews-2-300x300.jpg

Request Chain 176

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Cindy-Crawford-hija-en-topless-187x140.jpg HTTP 301
https://static.publinews.gt/2021/11/Cindy-Crawford-hija-en-topless-187x140.jpg

Request Chain 177

https://www.publinews.gt/gt/wp-content/uploads/2021/10/Celia-Lora-187x140.jpg HTTP 301
https://static.publinews.gt/2021/10/Celia-Lora-187x140.jpg

Request Chain 178

https://www.publinews.gt/gt/wp-content/uploads/2021/11/kimberly-flores-publinews-3-187x140.png HTTP 301
https://static.publinews.gt/2021/11/kimberly-flores-publinews-3-187x140.png

Request Chain 179

https://www.publinews.gt/gt/wp-content/uploads/2021/11/kpop-publinews--300x168.jpg HTTP 301
https://static.publinews.gt/2021/11/kpop-publinews--300x168.jpg

Request Chain 180

https://www.publinews.gt/gt/wp-content/uploads/2021/11/el-tecnico-del-internet-publinews-1-1-414x232.png HTTP 301
https://static.publinews.gt/2021/11/el-tecnico-del-internet-publinews-1-1-414x232.png

Request Chain 181

https://www.publinews.gt/gt/wp-content/uploads/2019/12/17/yanetgarciasinma-0acce5e144a9e3fce9c066023b835291-187x140.jpg HTTP 301
https://static.publinews.gt/2019/12/17/yanetgarciasinma-0acce5e144a9e3fce9c066023b835291-187x140.jpg

Request Chain 182

https://www.publinews.gt/gt/wp-content/uploads/2021/11/alicia-machado-y-roberto-romano-187x140.jpg HTTP 301
https://static.publinews.gt/2021/11/alicia-machado-y-roberto-romano-187x140.jpg

Request Chain 183

https://www.publinews.gt/gt/wp-content/uploads/2018/01/29/madonnatoplessinstagram-f054acf11873e2ff60f5f9dfcc98335f-414x232.jpg HTTP 301
https://static.publinews.gt/2018/01/29/madonnatoplessinstagram-f054acf11873e2ff60f5f9dfcc98335f-414x232.jpg

Request Chain 184

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Hijo-de-Arnold-Schwarzenegger-187x140.jpg HTTP 301
https://static.publinews.gt/2021/11/Hijo-de-Arnold-Schwarzenegger-187x140.jpg

Request Chain 185

https://www.publinews.gt/gt/wp-content/uploads/2020/04/30/laurabozzo-0a7dcb2071e3f42be201c4202ab760dc-187x140.jpg HTTP 301
https://static.publinews.gt/2020/04/30/laurabozzo-0a7dcb2071e3f42be201c4202ab760dc-187x140.jpg

Request Chain 186

https://www.publinews.gt/gt/wp-content/uploads/2021/11/PORTADA-PUBLINEWS-26-NOVIEMBRE-2021.jpg HTTP 301
https://static.publinews.gt/2021/11/PORTADA-PUBLINEWS-26-NOVIEMBRE-2021.jpg

Request Chain 187

https://www.publinews.gt/gt/wp-content/uploads/2021/11/lucio-madre-pareja-asesinato-300x300.png HTTP 301
https://static.publinews.gt/2021/11/lucio-madre-pareja-asesinato-300x300.png

Request Chain 188

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Best-Buy-robo-300x168.png HTTP 301
https://static.publinews.gt/2021/11/Best-Buy-robo-300x168.png

Request Chain 189

https://www.publinews.gt/gt/wp-content/uploads/2021/11/foto-de-recurso-de-una-prueba-de-covid-187x140.jpg HTTP 301
https://static.publinews.gt/2021/11/foto-de-recurso-de-una-prueba-de-covid-187x140.jpg

Request Chain 190

https://www.publinews.gt/gt/wp-content/uploads/2021/11/influencer-famosa-hombre-50-an%CC%83os1-187x140.png HTTP 301
https://static.publinews.gt/2021/11/influencer-famosa-hombre-50-an%CC%83os1-187x140.png

Request Chain 191

https://www.publinews.gt/gt/wp-content/uploads/2021/11/accidente-choca-seis-carros-Argentina-187x140.png HTTP 301
https://static.publinews.gt/2021/11/accidente-choca-seis-carros-Argentina-187x140.png

Request Chain 192

https://www.publinews.gt/gt/wp-content/uploads/2021/11/juan-jose-castillo-black-friday-300x300.jpg HTTP 301
https://static.publinews.gt/2021/11/juan-jose-castillo-black-friday-300x300.jpg

Request Chain 193

https://www.publinews.gt/gt/wp-content/uploads/2021/11/mujer-se-traga-auriculares-inalambricos-pastilla-300x300.png HTTP 301
https://static.publinews.gt/2021/11/mujer-se-traga-auriculares-inalambricos-pastilla-300x300.png

Request Chain 194

https://www.publinews.gt/gt/wp-content/uploads/2021/11/black-friday-ofertas-centro-comercial-spectrum-publinews-1-300x300.png HTTP 301
https://static.publinews.gt/2021/11/black-friday-ofertas-centro-comercial-spectrum-publinews-1-300x300.png

Request Chain 195

https://www.publinews.gt/gt/wp-content/uploads/2021/11/luces-campero-show-guatemala-2021-emisoras-unidas-publinews-1-300x168.jpeg HTTP 301
https://static.publinews.gt/2021/11/luces-campero-show-guatemala-2021-emisoras-unidas-publinews-1-300x168.jpeg

Request Chain 196

https://www.publinews.gt/gt/wp-content/uploads/2021/11/gran-bazar-fetiche-noviembre-fragancias-ofertas-publinews-5-300x168.png HTTP 301
https://static.publinews.gt/2021/11/gran-bazar-fetiche-noviembre-fragancias-ofertas-publinews-5-300x168.png

Request Chain 197

https://www.publinews.gt/gt/wp-content/uploads/2021/11/universidad-galileo-alcanza-millon-estudiantes-edx-clases-virtuales-publinews-1-300x168.png HTTP 301
https://static.publinews.gt/2021/11/universidad-galileo-alcanza-millon-estudiantes-edx-clases-virtuales-publinews-1-300x168.png

Request Chain 198

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Licores-de-Guatemala-300x168.jpg HTTP 301
https://static.publinews.gt/2021/11/Licores-de-Guatemala-300x168.jpg

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEPWxX607ECcXnAnhV7od0Uo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361

Request Chain 206

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=4022b571-2bf9-447f-bdd3-6ab87424af39&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361

Request Chain 208

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=646e248e-bc67-48ca-8f5b-e472d1b7d497&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361

Request Chain 212

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=996d38c9-6a71-40d2-be91-dd02eda6bacc&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 213

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=fcbe4019-3893-4fd3-5562-e693783720b2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=fcbe4019-3893-4fd3-5562-e693783720b2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=68954712913946408102542763565108005005&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361

Request Chain 215

https://bn01.er.bemail.it/zeotap.php?_bid=fcbe4019-3893-4fd3-5562-e693783720b2&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2021112905-88281-0.708348001638159365-ca1dcb6325c77f9bbe1d0ac4b67c18c9&zdid=533&env=mWeb

Request Chain 216

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7035840876843759764&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361

Request Chain 217

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=fcbe4019-3893-4fd3-5562-e693783720b2 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=fcbe4019-3893-4fd3-5562-e693783720b2

Request Chain 218

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=fcbe4019-3893-4fd3-5562-e693783720b2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=fcbe4019-3893-4fd3-5562-e693783720b2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361&bounce=1&random=24486310 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=qFQlYr.5jzky1nQP6UOlrO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361

Request Chain 220

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=fcbe4019-3893-4fd3-5562-e693783720b2?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=fcbe4019-3893-4fd3-5562-e693783720b2?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=edc9d904ff18d47d89b255cb51e23e66&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361

Request Chain 221

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-sIYG6yBE2opRtA558d1V9_xEtoXpFfDDEg--~A&zpartnerid=570&env=mWeb

Request Chain 222

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=XPYYWYzWK41618NjfJNQvj8ODzQXxdVV%2BS41iYitP1U%3D

Request Chain 226

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361&_test=YaRUAAAIGMd3TQBR HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YaRUAAAIGMd3TQBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361&_test=YaRUAAAIGMd3TQBR

Request Chain 227

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=b86e61a4-53ff-4000-b37d-cc4f52a4e882&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361

Request Chain 228

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361

Request Chain 229

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fcbe4019-3893-4fd3-5562-e693783720b2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fcbe4019-3893-4fd3-5562-e693783720b2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361&dcc=t

Request Chain 230

https://tags.bluekai.com/site/87734?id=fcbe4019-3893-4fd3-5562-e693783720b2&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

Request Chain 231

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361

Request Chain 329

https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Request Chain 330

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638159361041-926266246083-005649-001-002202%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3640232785 HTTP 302
https://sync.1rx.io/usersync/tradedesk/646e248e-bc67-48ca-8f5b-e472d1b7d497 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b8f83d16-3377-43da-912a-e9a306a7188d-003?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638159361041-926266246083-005649-001-002202%26biddername%3D200%26key%3DRX-b8f83d16-3377-43da-912a-e9a306a7188d-003 HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1638159361041-926266246083-005649-001-002202&biddername=200&key=RX-b8f83d16-3377-43da-912a-e9a306a7188d-003

Request Chain 343

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 344

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=&_bee_ppp=1 HTTP 303
https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=ABzCxk7DSKgAACrsjHsDFQ&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=712269ee-708e-411c-b8d4-ea99fb0dabd7&gdpr=&gdpr_consent=&us_privacy=

Request Chain 345

https://x.bidswitch.net/sync?dsp_id=303&user_id=las1bKtsVGgk HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=las1bKtsVGgk HTTP 302
https://s.pubmine.com/match?bidder_id=1&external_user_id=712269ee-708e-411c-b8d4-ea99fb0dabd7&ssp_data=&gdpr=&gdpr_consent=

Request Chain 348

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=55646076-f716-4014-b0bb-b187ede55103

Request Chain 349

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=4FrMuAk1tVx7vL3W1O3O&pi=mgid&tc=1

Request Chain 350

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=646e248e-bc67-48ca-8f5b-e472d1b7d497&ttl=1640751361

Request Chain 352

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=las1bKtsVGgk HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=6004880024033247267&gdpr=0&gdpr_consent= HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 353

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFzMWJLdHNWR2dr&muidn=las1bKtsVGgk HTTP 302
https://cm.mgid.com/google?muidn=las1bKtsVGgk&google_ula={guid},5&google_gid=CAESEKMPXmcx9Ur5PQLwIKG2sSY&google_cver=1

Request Chain 354

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=4bc12208-fe51-45dd-b1e9-21c3b8951b2e

Request Chain 373

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
https://cm.mgid.com/m?cdsp=617666&c=55faa017425e145f

Request Chain 382

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 386

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=646e248e-bc67-48ca-8f5b-e472d1b7d497&_origin=1&gdpr=1&gdpr_consent=

Request Chain 387

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP0fd0d507-50cb-11ec-9982-06a20cd9f756 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAwZmQwZDUwNy01MGNiLTExZWMtOTk4Mi0wNmEyMGNkOWY3NTY%3D HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEGn1czUyVTHnf2uUZjyEMUA&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEGn1czUyVTHnf2uUZjyEMUA&google_cver=1&apid=UP0fd0d507-50cb-11ec-9982-06a20cd9f756

Request Chain 388

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YaRUAAAIGMd3TQBR&_origin=0&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YaRUAAAIGMd3TQBR&_origin=0&gdpr=0&gdpr_consent=&apid=UP0fd0d507-50cb-11ec-9982-06a20cd9f756

Request Chain 389

https://ads.stickyadstv.com/auto-user-sync HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f4b75b7c5ccb53dbec2b6a17a9c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e45b8_7035840881131315970 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjRiNzViN2M1Y2NiNTNkYmVjMmI2YTE3YTlj&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEImj4BC0MJaJ0xgS1M_t7oI&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=646e248e-bc67-48ca-8f5b-e472d1b7d497 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/f4b75b7c5ccb53dbec2b6a17a9c?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-FOLCVGhE2oPNyKaAlUdgujMi3VH8RHv10Wvr.s3y~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6299299316721760770 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=b86e61a4-53ff-4000-b37d-cc4f52a4e882&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3313540736379815739 HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=0zmNlsEF1MRy5c5 HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=

Request Chain 399

https://rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1638188162&ei=AlSkYfSzJ8aH8gOSlLSwCw&ip=185.213.155.164&id=4c3ad75bd702f614&itag=22&source=youtube&requiressl=yes&mh=Ex&mm=31&mn=sn-5hne6nsk&ms=au&mv=m&mvi=3&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=11.052&lmt=1637192460833362&mt=1638158943&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAN2NsIo1srZGo0r9Gelm39aObsFaAgceO9-mD9DT9uecAiEApvFUpwXd7O3DoHO_HrGjnG7clnPiJhAEEa1zFbDnp-Q=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJ51qqHnyo1uRghnJE8tLIQNPq7HmY2SINMCY1ZGqdwsAiEAgiPa8DGGiFlntv81SDgdPLiA2yFLvWOzKJeC9VgfBmo=&cpn=amN67D4r35ehnroO HTTP 302
https://rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1638188162&ei=AlSkYfSzJ8aH8gOSlLSwCw&ip=185.213.155.164&id=4c3ad75bd702f614&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=11.052&lmt=1637192460833362&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAN2NsIo1srZGo0r9Gelm39aObsFaAgceO9-mD9DT9uecAiEApvFUpwXd7O3DoHO_HrGjnG7clnPiJhAEEa1zFbDnp-Q=&cpn=amN67D4r35ehnroO&redirect_counter=1&rm=sn-5hnely7s&fexp=24103968&req_id=4cb830f88ef636e2&cms_redirect=yes&ipbypass=yes&mh=Ex&mip=2a03:1b20:6:f011::4e&mm=31&mn=sn-5hne6nsk&ms=au&mt=1638159188&mv=m&mvi=3&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAN0Wo1dzmld5OktGF0eVNr6sL9lksBm30yyiruJaV1DBAiEA2cGwT_2Z99oJFccYKnIiqefSJ5M7u3YNROoUIwkMqLk%3D

421 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.publinews.gt/gt/ 329 KB
50 KB 2009ms
1975ms Document
text/html 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

0cb84ffc011aa15877ef9fe46635eac99861b74820b11c0f8522602a961247f9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.20.1
Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 50303
Connection: keep-alive
Link: <https://www.publinews.gt/gt/wp-json/>; rel="https://api.w.org/" <https://www.publinews.gt/gt/wp-json/wp/v2/pages/1286779>; rel="alternate"; type="application/json" <https://www.publinews.gt/gt/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.min.css
www.publinews.gt/gt/wp-includes/css/dist/block-library/ 53 KB
8 KB 15ms
15ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Sat, 12 Sep 2020 03:45:57 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7907
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK simple-line-icons.css
www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/ 11 KB
3 KB 31ms
15ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/simple-line-icons.css?ver=1.3.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

f293486948d4cba26c6b835bdd574b4085e62da749b86019f5f6fab3535b0e39

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jun 2020 19:49:26 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2363
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/css/ 15 KB
3 KB 38ms
16ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/css/style.css?ver=1.3.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

4bc4b508bb0ccc41052f6a18eb23441543da2d209c152f62577e954367b4d62d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jun 2020 19:49:26 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2892
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK svgs-attachment.css
www.publinews.gt/gt/wp-content/plugins/svg-support/css/ 68 B
315 B 36ms
14ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/svg-support/css/svgs-attachment.css?ver=5.5.3

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

5533874c2b0145642ca304f110240fcdb05253df388c2f7b97c053ad5eb69b65

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Last-Modified: Sun, 28 Jun 2020 19:50:01 GMT
Server: nginx/1.20.1
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sps_front_style.css
www.publinews.gt/gt/wp-content/plugins/sync-post-with-other-site/assets/css/ 0
246 B 35ms
13ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/sync-post-with-other-site/assets/css/sps_front_style.css?rand=265&ver=1.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Last-Modified: Thu, 01 Oct 2020 01:26:05 GMT
Server: nginx/1.20.1
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK default-style.css
www.publinews.gt/gt/wp-content/plugins/top-10/css/ 1 KB
786 B 35ms
14ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/top-10/css/default-style.css?ver=1.0

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

883282dd40d25aef7a308257f1ac4efbdd1f3e436e53356be71ca2251648a0ff

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Nov 2020 04:57:29 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 491
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 133ms
46ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A400%2C700%2C600&subset=latin%2Clatin-ext&ver=2.3.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b6e2cb91e192cdb8e9b9e19440a7abd15c19c64f4e71f473476a129f5f025466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 04:15:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Nov 2021 04:15:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Nov 2021 04:15:59 GMT

GET
H/1.1 200
OK min.css
www.publinews.gt/gt/wp-content/themes/herald/assets/css/ 223 KB
37 KB 52ms
31ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/themes/herald/assets/css/min.css?ver=2.3.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

13da1114f815e6960747b26eee1a0631bee66d27addc1b60e813a06345103925

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Aug 2020 18:12:36 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37826
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
www.publinews.gt/gt/wp-content/plugins/meks-easy-ads-widget/css/ 592 B
544 B 44ms
14ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/meks-easy-ads-widget/css/style.css?ver=2.0.4

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

558306120cd54b9bb7193b5a7b4209b9e29c0a639d298da2b0e906fbdc05e946

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jun 2020 19:49:14 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 249
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
www.publinews.gt/gt/wp-content/plugins/meks-smart-social-widget/css/ 41 KB
6 KB 50ms
14ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/meks-smart-social-widget/css/style.css?ver=1.4

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

e24928d7d73d973842a21a3f630f4b4ef2eb8c139130820ca0f6f7c2d7a15245

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jun 2020 19:49:37 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5698
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.css
www.publinews.gt/gt/wp-content/plugins/meks-easy-social-share/assets/css/ 9 KB
2 KB 49ms
13ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/meks-easy-social-share/assets/css/main.css?ver=1.2.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

a61e94c6cee47c0f689736d8b6d3a8ba98f9501a3e834b2cdedc374e4b88c6cf

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jun 2020 19:49:22 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1720
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK wp-review.css
www.publinews.gt/gt/wp-content/plugins/wp-review/public/css/ 37 KB
6 KB 50ms
14ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/wp-review/public/css/wp-review.css?ver=5.3.4

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

438ff3af395513310c69d935eb8c6e521312075673d2fdf0e82a7ad2d3037152

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Nov 2020 03:23:07 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5976
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.js Show response
www.publinews.gt/gt/wp-includes/js/jquery/ 95 KB
33 KB 64ms
27ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jun 2020 18:54:43 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33776
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 190ms
101ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-53456215-1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9f82a5ea9ab5a9519b63af5d5e8ab4cfc8530d9452ad33a7307949a60324426

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36122
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Nov 2021 04:15:59 GMT

GET
H2 200 hbdfp.js Show response
i.e-planning.net/layers/ 39 KB
14 KB 77ms
9ms Script
application/x-javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/layers/hbdfp.js
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 738832e51c55b88cc185c0ce29dfe95049caf277090e04dd84bcfc3077952a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 86400.000
x-cf1: 29080:fB.fra2:co:1631813166:cacheN.fra2-01:H
content-length: 14128
x-cf-tsc: 1638120917
x-cf2: H
last-modified: Thu, 16 Sep 2021 16:52:03 GMT
server: CFS 0215
x-cff: B
etag: "61437633-9b0b"
content-type: application/x-javascript
cache-control: max-age=86400
cf4age: 85007
accept-ranges: bytes
expires: Sun, 28 Nov 2021 17:58:29 GMT

GET
H2 200 tag Show response
a.teads.tv/page/82680/ 780 B
686 B 79ms
38ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/82680/tag
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0a1bb0bc800de66b72ab473c17e20e5a1a5f455b8109b062e0bd62d87e2bf26e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 486
expires: Mon, 29 Nov 2021 05:15:59 GMT

GET
H/1.1 200
OK asyncjs.php Show response
adserver.latinon.com/revive/www/delivery/ 4 KB
5 KB 387ms
97ms Script
text/javascript 64.227.27.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://adserver.latinon.com/revive/www/delivery/asyncjs.php

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.227.27.145 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

1feccc5457246a341b82f181fa84317e9dd084c63ac370c1ac43104c3cbf3329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: 11dac5182c2ea03a67dd87cdf9937cd5
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=3600
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=20
Expire: Mon, 29 Nov 2021 05:15:59 GMT
X-Xss-Protection: 1; mode=block

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 134ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1058 / 730 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 04:15:59 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 131ms
46ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1058 / 977 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 04:15:59 GMT

GET
H/1.1

200
OK

svgpublinews.svg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/svgpublinews.svg
https://static.publinews.gt/2020/06/svgpublinews.svg

9 KB
9 KB

57ms
11ms

Image
image/svg+xml

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/svgpublinews.svg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 7965777dcddb12ba6fcbfdb90bbbe664dfeec6ee3fb6a069c1fad9980bc25a10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Last-Modified: Mon, 29 Jun 2020 01:16:03 GMT
Server: nginx/1.20.1
ETag: "5ef940d3-23ac"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9132

Redirect headers

Location: https://static.publinews.gt/2020/06/svgpublinews.svg
Date: Mon, 29 Nov 2021 04:15:59 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1 200
OK portada-web.jpg
www.publinews.gt/gt/portadas/ 19 KB
19 KB 14ms
14ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.publinews.gt/gt/portadas/portada-web.jpg?dummy=5509

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

01250d1d31574fad0be4f8cbfee67a9ba251b96e7e924389ec44f81dfd4d1399

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Last-Modified: Fri, 26 Nov 2021 05:52:00 GMT
Server: nginx/1.20.1
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19668
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK horizontal-slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
2 KB 51ms
7ms Stylesheet
text/css 143.204.96.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-96-118.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 18:49:43 GMT
Via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
Last-Modified: Wed, 16 Dec 2015 16:21:55 GMT
Server: AmazonS3
Age: 33977
ETag: "bd21b0313fe7dc2b8ac08955a7ef1209"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 2013
X-Amz-Cf-Id: bxHOwaoNCuNZOSM1CoQnJsvhe9xIyJARWsVLhXjLJG6p7DfAzvzjcg==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 35ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (frb/67AA)
Age: 998
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29104

GET
H2 200 publinews.gt.1129387.js Show response
jsc.mgid.com/p/u/ 2 KB
1 KB 48ms
24ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.js
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf9614206d228bbbab8fec9be817239106a56039e47374bee59a505b192b6c43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 6069
last-modified: Thu, 25 Nov 2021 11:22:01 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: Y2KBXJXVSJ8KKQCC
x-amz-id-2: irP0oGSOAZ97V/Nm9vASZpjmZL85/00DEqEQnpJzBrkdCuYkWzzmgBhWm809sG+XoGMoHjGPeIM=
cf-bgj: minify
server: cloudflare
etag: W/"8238e09f6e7be487ced32975a7f0d4da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6b59049dba8f4ed3-FRA
expires: Mon, 29 Nov 2021 07:15:59 GMT

GET
H/1.1 200
OK opinion-default.jpg
www.publinews.gt/wp-content/uploads/2020/06/ 4 KB
5 KB 14ms
14ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.publinews.gt/wp-content/uploads/2020/06/opinion-default.jpg

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

3be29565ed74ebe94b47d147f84748dc076566e4348c72db227ad8cf72a75f24

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Last-Modified: Mon, 29 Jun 2020 01:13:59 GMT
Server: nginx/1.20.1
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4519
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK flickity.css
www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/vendor/flickity/ 2 KB
949 B 16ms
13ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/vendor/flickity/flickity.css?ver=2.2.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

20a22e2a0610fa88287f0f8a033e1f8c5fb3abb7f0a0d527115b6ce3dde328a1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Nov 2020 03:23:00 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 654
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK shortcodes.css
www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/includes/css/ 46 KB
8 KB 22ms
16ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.9.4

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

b6a6ee9f7c7baccbe33a644888b959da1fb9730607a20b6d1f8e00b38a32e484

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Nov 2020 03:23:00 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7924
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.js Show response
www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/js/ 7 KB
2 KB 20ms
14ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/js/main.js?ver=1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

02007cb9ea5401983a0a4a34d08c1a57c75484d0852194291e124c94b848d474

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jun 2020 19:49:26 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1500
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sps_front_js.js Show response
www.publinews.gt/gt/wp-content/plugins/sync-post-with-other-site/assets/js/ 0
260 B 19ms
14ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/sync-post-with-other-site/assets/js/sps_front_js.js?rand=439&ver=1.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Last-Modified: Thu, 01 Oct 2020 01:26:05 GMT
Server: nginx/1.20.1
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top-10-tracker.min.js Show response
www.publinews.gt/gt/wp-content/plugins/top-10/includes/js/ 314 B
476 B 18ms
13ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/top-10/includes/js/top-10-tracker.min.js?ver=1.0

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

d8a754aeb7ddf52b4696dcbb5f3d43f8a3f1b4f7ab2e2a8189ead0ee1675e65a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Nov 2020 04:57:29 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 167
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK imagesloaded.min.js Show response
www.publinews.gt/gt/wp-includes/js/ 5 KB
2 KB 20ms
15ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Sat, 12 Sep 2020 03:45:57 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1834
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK min.js Show response
www.publinews.gt/gt/wp-content/themes/herald/assets/js/ 89 KB
25 KB 17ms
16ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/themes/herald/assets/js/min.js?ver=2.3.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

1db238f7986bc20c75a137f1db2fe705bb6b9f9c6dafc606d30a8cf4e217f402

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Aug 2020 22:18:32 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25769
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.js Show response
www.publinews.gt/gt/wp-content/plugins/meks-easy-social-share/assets/js/ 551 B
632 B 14ms
13ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/meks-easy-social-share/assets/js/main.js?ver=1.2.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

8efd7ef0887f8d97df1f68248a4d6f603ab11021a0f683e61584227ee7a71909

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jun 2020 19:49:22 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 323
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK js.cookie.min.js Show response
www.publinews.gt/gt/wp-content/plugins/wp-review/public/js/ 2 KB
1 KB 14ms
13ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/wp-review/public/js/js.cookie.min.js?ver=2.1.4

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Nov 2020 03:23:07 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 866
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK underscore.min.js Show response
www.publinews.gt/gt/wp-includes/js/ 16 KB
6 KB 14ms
14ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-includes/js/underscore.min.js?ver=1.8.3

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jun 2020 18:54:43 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5705
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK wp-util.min.js Show response
www.publinews.gt/gt/wp-includes/js/ 1 KB
900 B 14ms
13ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-includes/js/wp-util.min.js?ver=5.5.3

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

622bd29e595894b02f5c5ab95628f99d6e6d46483bac342b4fff38bbc64a8a35

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jun 2020 18:54:43 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 591
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.js Show response
www.publinews.gt/gt/wp-content/plugins/wp-review/public/js/ 3 KB
1 KB 14ms
14ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/wp-review/public/js/main.js?ver=5.3.4

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

b471033f1864708331e5945f9003e0eed1d563d673d2666aca296198b9cc6ca7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Nov 2020 03:23:07 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1158
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK wp-embed.min.js Show response
www.publinews.gt/gt/wp-includes/js/ 1 KB
1 KB 13ms
13ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-includes/js/wp-embed.min.js?ver=5.5.3

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jun 2020 18:54:43 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 769
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK flickity.js Show response
www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/vendor/flickity/ 53 KB
14 KB 29ms
28ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/vendor/flickity/flickity.js?ver=2.2.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

dcc6aaeccd530bcb0e91ef01e2046485f1ad113a865aafb17a740eee4da61e32

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Nov 2020 03:23:00 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13635
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK index.js Show response
www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/ 11 KB
4 KB 15ms
14ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js?ver=5.9.4

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

f42f6434bb69b5882b0a8864e23022be3e8ccada9a69175c825eb26cee38a508

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Nov 2020 03:23:00 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3590
X-XSS-Protection: 1; mode=block

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.15.5/ 19 KB
7 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.15.5/firebase-app.js

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bedab15fd177a9715568682a8b3a04edd59939cafffa07dfd2e6e64b010f757c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 05:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6604
x-xss-protection: 0
last-modified: Thu, 25 Jun 2020 23:15:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Wed, 23 Nov 2022 05:32:19 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/7.15.5/ 38 KB
10 KB 135ms
45ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.15.5/firebase-messaging.js

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee7d2f3931049f9fbdccac3d0e7e36eca23ce66c76c464ed28372d7d4559597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 06:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10593
x-xss-protection: 0
last-modified: Thu, 25 Jun 2020 23:15:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Sat, 26 Nov 2022 06:48:57 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 12 KB
5 KB 40ms
13ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: i.e-planning.net
URL: https://i.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12f1d9c35940a2b74b61e7125d12245c1de8c96e386583979963db701383d95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 19:20:03 GMT
server: cloudflare
age: 2164
etag: W/"618c1b63-31f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6b59049ddb5642cf-FRA
content-type: application/javascript
expires: Mon, 29 Nov 2021 04:39:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
38 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NQLFSFD

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

718f4c4909174ed264534b3ad5d92a54e95625b14319122c981c96d3dcc8fb0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38676
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Nov 2021 04:15:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
38 KB 145ms
143ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5DVV5N

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ea4f26725e6bf79612c7f78e6b0a23eb5c1519c044906797952f94c74a9d324

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38694
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Nov 2021 04:15:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
38 KB 123ms
122ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3XQFVX

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

886b588dc30ca4db57d6f1731272df6cf6335cac8f2bf2e7bf9b1939208e9e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38675
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Nov 2021 04:15:59 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 36ms
7ms Script
application/javascript 143.204.98.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-34.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 18612513
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: G0r-fFanbVq50e9tWoavX412bRBKPpk5Z_Wm_LkLKGvL6TSmUG9vyg==

GET
H2 200 NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2
fonts.gstatic.com/s/firasansextracondensed/v5/ 22 KB
23 KB 124ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v5/NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A400%2C700%2C600&subset=latin%2Clatin-ext&ver=2.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f905435c0278c8998a37b1e932c610553df7c656806432baf8670720ec6e4e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.publinews.gt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:19:13 GMT
x-content-type-options: nosniff
age: 226606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22864
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:08:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:19:13 GMT

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 228ms
145ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 04:15:59 GMT

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 602 KB
132 KB 44ms
7ms Script
text/javascript 2a02:26f0:6c00:191::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/82680/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:191::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e297afc5cba2b67ad30ad316eb275e59408b57d3ed2250f2677dccce750af7b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: Y6GJDKW6WVT0TA26
content-length: 134225
x-amz-id-2: MOiYIKP30smjNnK2n3n1aFPjUCCmqjnfzhDLYeA85MFHc2P0DSRYPkh5rzni/lbbFLvkM9gA40A=
last-modified: Thu, 18 Nov 2021 17:47:06 GMT
etag: "b983bc540e7d345b1ace518bd27be723"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 4
accept-ranges: bytes
access-control-allow-headers: *
expires: Mon, 29 Nov 2021 04:45:59 GMT

GET
H2 200 60118 Show response
tag.navdmp.com/u/ 690 B
533 B 158ms
158ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/60118
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27245a8a3f678528283aa04f0767f4e880e0ddc8b3d517a4a770d03b556926c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Sep 2021 18:45:01 GMT
server: cloudflare
etag: W/"6137b32d-2b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6b59049dfb7442cf-FRA
content-type: application/javascript
expires: Mon, 29 Nov 2021 05:15:59 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
549 B 38ms
7ms Image
image/gif 143.204.98.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&time=1638159359694&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&random_number=6065877770&sess_cookie=9ff1aadc17d69e81ecd2a601b41&sess_cookie_flag=1&user_cookie=9ff1aadc17d69e81ecd2a601b41&user_cookie_flag=1&dynamic=true&domain=publinews.gt&account=1g/Hk1ao6C52uW&jsv=20130128&user_lang=en-US
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-17.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:02 GMT
Via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 57
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: QyqxxfYun1ptxwjk2tfY0tcus1UR_h9f_bPWO1eRnypAhJdlRVi39Q==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 354ms
111ms Image
text/plain 3.20.177.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.177.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-177-195.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
server: Server

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQLFSFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4492
date: Mon, 29 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 29 Nov 2021 05:01:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-90285-12&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53456215-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42b50d4bff7b610443d71d0c6c29031ec216cd78b5b0aba138b413ac1689a10b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36187
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Nov 2021 04:15:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52170176-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53456215-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2046f0951f540e47a6f178435eebd438296264afc9836abf8c15b69eda03786f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36151
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Nov 2021 04:15:59 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 358 B
453 B 183ms
173ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=60118&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5735a6df0c934c148c7e8ebea4d68499e20bf1ed73c37fc91dcafe5e6dda50b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b59049f0c9242cf-FRA
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Mon, 29 Nov 2021 05:15:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 129ms
45ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.publinews.gt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 147ms
45ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.publinews.gt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
11 KB 140ms
80ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

67146d9cb1502dc74815546bebb729ffefdbd37a777db5e0505e5cebd8281210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11429
x-xss-protection: 0
google-lineitem-id: 5826381817
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369876777
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9C8F 6 KB
4 KB 149ms
45ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 04:16:00 GMT
expires: Tue, 29 Nov 2022 04:16:00 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
258 B 125ms
72ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6bbd6c2596ee21cebd2be43de4032b072a4286c7c4e64aaad4abaf8c87513a43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

GT_PN Show response
ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?rnd=0.9218702018165441&e=adheader:300x250!/GT_PN/ad_header&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159359...
https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=adheader:300x250!/GT_PN/ad_header&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=16381...

646 B
1 KB

22ms
17ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=adheader:300x250!/GT_PN/ad_header&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159359&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 670f61ddc2a337c6731ace2496254582ce70c1c9e8375edf1b918818aa6ea9d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.publinews.gt
expires: Mon, 29 Nov 2021 04:16:00 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 646
x-sid: AMS-602

Redirect headers

date: Mon, 29 Nov 2021 04:16:00 GMT
server: openresty
access-control-allow-origin: https://www.publinews.gt
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=adheader:300x250!/GT_PN/ad_header&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159359&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-602

GET
H3 200 NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3SCKr3i-oQ.woff2
fonts.gstatic.com/s/firasansextracondensed/v5/ 23 KB
23 KB 94ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v5/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3SCKr3i-oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A400%2C700%2C600&subset=latin%2Clatin-ext&ver=2.3.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

147de4f28324ee3537c8f601d4e36afe0bbb8319fdaa827973f2afa91844e7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.publinews.gt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:58:24 GMT
x-content-type-options: nosniff
age: 411456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23936
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:09:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 09:58:24 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.publinews.gt/gt/wp-content/themes/herald/assets/fonts/ 75 KB
76 KB 36ms
36ms Font
application/octet-stream 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/themes/herald/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/wp-content/themes/herald/assets/css/min.css?ver=2.3.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.publinews.gt/gt/wp-content/themes/herald/assets/css/min.css?ver=2.3.1
Origin: https://www.publinews.gt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:59 GMT
Last-Modified: Wed, 05 Jun 2019 17:45:26 GMT
Server: nginx/1.20.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160
X-XSS-Protection: 1; mode=block

GET
H3 200 NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3USLr3i-oQ.woff2
fonts.gstatic.com/s/firasansextracondensed/v5/ 24 KB
24 KB 86ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v5/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3USLr3i-oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A400%2C700%2C600&subset=latin%2Clatin-ext&ver=2.3.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8cc8ba2f49cf82b3c377eb96444d5a38767deb463cef6afd5513324d57df7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.publinews.gt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:46:16 GMT
x-content-type-options: nosniff
age: 224984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24156
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:09:11 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:46:16 GMT

GET
H/1.1

200
OK

Skin.jpg
static.publinews.gt/2021/10/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/10/Skin.jpg
https://static.publinews.gt/2021/10/Skin.jpg

115 KB
115 KB

13ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/10/Skin.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 8446880b8da895ab62c29652fe12e7aa483666cb0a54532abf231d415a4943ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Thu, 14 Oct 2021 23:05:01 GMT
Server: nginx/1.20.1
ETag: "6168b79d-1ccdc"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 117980

Redirect headers

Location: https://static.publinews.gt/2021/10/Skin.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

laboratorio-movil-salud-300x300.jpeg
static.publinews.gt/2021/01/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/01/laboratorio-movil-salud-300x300.jpeg
https://static.publinews.gt/2021/01/laboratorio-movil-salud-300x300.jpeg

21 KB
21 KB

43ms
21ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/01/laboratorio-movil-salud-300x300.jpeg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e7a5af7b0209824a8d8a2ef4186418408a8aecd61d4f82096d6ee64d216a59f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Tue, 19 Jan 2021 04:25:39 GMT
Server: nginx/1.20.1
ETag: "60065f43-54b5"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21685

Redirect headers

Location: https://static.publinews.gt/2021/01/laboratorio-movil-salud-300x300.jpeg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

sergio-ramos-opina-sobre-messi-y-balon-de-oro-2021-publinews--300x168.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/sergio-ramos-opina-sobre-messi-y-balon-de-oro-2021-publinews--300x168.png
https://static.publinews.gt/2021/11/sergio-ramos-opina-sobre-messi-y-balon-de-oro-2021-publinews--300x168.png

78 KB
78 KB

28ms
12ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/sergio-ramos-opina-sobre-messi-y-balon-de-oro-2021-publinews--300x168.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 007222190f7b3cd6e69a40417234c57d1e90abd9402c094b84cf145fd5bb9aa6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Nov 2021 01:03:00 GMT
Server: nginx/1.20.1
ETag: "61a426c4-1376a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79722

Redirect headers

Location: https://static.publinews.gt/2021/11/sergio-ramos-opina-sobre-messi-y-balon-de-oro-2021-publinews--300x168.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

hombre-guatemala-miami-oculto-1-300x168.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/hombre-guatemala-miami-oculto-1-300x168.png
https://static.publinews.gt/2021/11/hombre-guatemala-miami-oculto-1-300x168.png

57 KB
57 KB

46ms
21ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/hombre-guatemala-miami-oculto-1-300x168.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: c707b46c7eed6f13a7d9214ec34dd80c12929d4fbfb29808b6bbd3f0bc24286e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 23:38:05 GMT
Server: nginx/1.20.1
ETag: "61a412dd-e21d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57885

Redirect headers

Location: https://static.publinews.gt/2021/11/hombre-guatemala-miami-oculto-1-300x168.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Policia-remite-a-39-inmigrantes-de-distintas-nacionalidades-en-chiquimula-28-de-noviembre-2021-300x168.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Policia-remite-a-39-inmigrantes-de-distintas-nacionalidades-en-chiquimula-28-de-noviembre-2021-300x168.jpg
https://static.publinews.gt/2021/11/Policia-remite-a-39-inmigrantes-de-distintas-nacionalidades-en-chiquimula-28-de-noviembre-2021-300x168.jpg

12 KB
13 KB

36ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/Policia-remite-a-39-inmigrantes-de-distintas-nacionalidades-en-chiquimula-28-de-noviembre-2021-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 8fc356d86a4ae901a12544bb5d0ac88dd7e607075e97b1221e19e9c7852be366

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 23:21:47 GMT
Server: nginx/1.20.1
ETag: "61a40f0b-3145"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12613

Redirect headers

Location: https://static.publinews.gt/2021/11/Policia-remite-a-39-inmigrantes-de-distintas-nacionalidades-en-chiquimula-28-de-noviembre-2021-300x168.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

aves-paci%CC%81fico-gt-2-300x168.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/aves-paci%CC%81fico-gt-2-300x168.jpg
https://static.publinews.gt/2021/11/aves-paci%CC%81fico-gt-2-300x168.jpg

10 KB
10 KB

36ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/aves-paci%CC%81fico-gt-2-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 18790e55b886d0d21fabef028c4bfb1121999a1aa564ac1078d4fa3d0f811e4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 23:01:37 GMT
Server: nginx/1.20.1
ETag: "61a40a51-28b6"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10422

Redirect headers

Location: https://static.publinews.gt/2021/11/aves-paci%CC%81fico-gt-2-300x168.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H2

200

GT_PN Show response
ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?rnd=0.9218702018165441&e=ad300x2504:300x250!/GT_PN/ad_300x250_4&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=16381...
https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=ad300x2504:300x250!/GT_PN/ad_300x250_4&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=...

648 B
1 KB

19ms
16ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=ad300x2504:300x250!/GT_PN/ad_300x250_4&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: a1b15784aecce4e1f8108e860453b5f0fbaebbb44b66b3caf9c80b30354f8dde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.publinews.gt
expires: Mon, 29 Nov 2021 04:16:00 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 648
x-sid: AMS-602

Redirect headers

date: Mon, 29 Nov 2021 04:16:00 GMT
server: openresty
access-control-allow-origin: https://www.publinews.gt
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=ad300x2504:300x250!/GT_PN/ad_300x250_4&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-602

GET
H/1.1 200
OK coronaVirus.jpg
static.publinews.gt/2020/06/ 78 KB
78 KB 21ms
21ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/coronaVirus.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 20a7cab4c3d02182a4adf415218a7bf45485746273fba452bf48c4d3cf5df9d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 04:49:00 GMT
Server: nginx/1.20.1
ETag: "5ef972bc-137fb"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79867

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 92ms
44ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=545057241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=2127394292&gjid=333028594&cid=1219426785.1638159360&tid=UA-53456215-1&_gid=355729448.1638159360&_r=1&gtm=2wgba1NQLFSFD&z=1198715341

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 87ms
45ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=545057241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAAC~&jid=1406993509&gjid=464194488&cid=1219426785.1638159360&tid=UA-53456215-1&_gid=355729448.1638159360&_r=1&gtm=2ouba1&z=1684010408

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 82ms
45ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=545057241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAAC~&jid=1872435999&gjid=443891662&cid=1219426785.1638159360&tid=UA-52170176-1&_gid=355729448.1638159360&_r=1&gtm=2wgba1K3XQFVX&z=1144034574

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 76ms
44ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=545057241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAAC~&jid=608808579&gjid=130976137&cid=1219426785.1638159360&tid=UA-90285-12&_gid=355729448.1638159360&_r=1&gtm=2wgba1P5DVV5N&z=194295635

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 72ms
44ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=545057241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAAC~&jid=1225385042&gjid=537846658&cid=1219426785.1638159360&tid=UA-90285-12&_gid=355729448.1638159360&_r=1&gtm=2ouba1&z=192069612

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 68ms
45ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=545057241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAAC~&jid=1655028888&gjid=606713344&cid=1219426785.1638159360&tid=UA-52170176-1&_gid=355729448.1638159360&_r=1&gtm=2ouba1&z=1195860197

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

GT_PN Show response
ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?rnd=0.9218702018165441&e=ad300x2502:300x250!/GT_PN/ad_300x250_2&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=16381...
https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=ad300x2502:300x250!/GT_PN/ad_300x250_2&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=...

648 B
971 B

16ms
16ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=ad300x2502:300x250!/GT_PN/ad_300x250_2&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: c0e9442480513f12f46226f2125244725d098284e975791fa9a36608726e85c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.publinews.gt
expires: Mon, 29 Nov 2021 04:16:00 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 648
x-sid: AMS-602

Redirect headers

date: Mon, 29 Nov 2021 04:16:00 GMT
server: openresty
access-control-allow-origin: https://www.publinews.gt
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=ad300x2502:300x250!/GT_PN/ad_300x250_2&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-602

GET
H/1.1

200
OK

coronavirus-guatemala-hospital-general-san-juan-de-dios-5-300x168.jpeg
static.publinews.gt/2021/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/08/coronavirus-guatemala-hospital-general-san-juan-de-dios-5-300x168.jpeg
https://static.publinews.gt/2021/08/coronavirus-guatemala-hospital-general-san-juan-de-dios-5-300x168.jpeg

14 KB
14 KB

11ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/08/coronavirus-guatemala-hospital-general-san-juan-de-dios-5-300x168.jpeg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 6db4ecf5b0285c37c1eec6a06b8b88b14447a13bf9d55e814a3953672ab88000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Tue, 31 Aug 2021 17:20:31 GMT
Server: nginx/1.20.1
ETag: "612e64df-36ce"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14030

Redirect headers

Location: https://static.publinews.gt/2021/08/coronavirus-guatemala-hospital-general-san-juan-de-dios-5-300x168.jpeg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

coronavirus-guatemala-hospital-general-san-juan-de-dios-187x140.jpeg
static.publinews.gt/2021/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/08/coronavirus-guatemala-hospital-general-san-juan-de-dios-187x140.jpeg
https://static.publinews.gt/2021/08/coronavirus-guatemala-hospital-general-san-juan-de-dios-187x140.jpeg

7 KB
7 KB

12ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/08/coronavirus-guatemala-hospital-general-san-juan-de-dios-187x140.jpeg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 78ca3b1e1fa7d9f8b2c9f367e26ff3de7d06f9f984b2905844ffde38c70dc52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 30 Aug 2021 17:24:13 GMT
Server: nginx/1.20.1
ETag: "612d143d-1ce5"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7397

Redirect headers

Location: https://static.publinews.gt/2021/08/coronavirus-guatemala-hospital-general-san-juan-de-dios-187x140.jpeg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

vacunacion-en-menores-covid19-coronavirus-pandemia-guatemala-2021-187x140.jpg
static.publinews.gt/2021/10/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/10/vacunacion-en-menores-covid19-coronavirus-pandemia-guatemala-2021-187x140.jpg
https://static.publinews.gt/2021/10/vacunacion-en-menores-covid19-coronavirus-pandemia-guatemala-2021-187x140.jpg

6 KB
6 KB

12ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/10/vacunacion-en-menores-covid19-coronavirus-pandemia-guatemala-2021-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: d641f280947f782d8b838832c4edcabdae451621cc25f7b6372e602ddfe6ea37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Wed, 27 Oct 2021 14:56:20 GMT
Server: nginx/1.20.1
ETag: "61796894-176a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5994

Redirect headers

Location: https://static.publinews.gt/2021/10/vacunacion-en-menores-covid19-coronavirus-pandemia-guatemala-2021-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

conferencia-de-prensa-de-autoridades-del-Ministerio-de-Salud-y-Asistencia-Social-MSPAS-sobre-pandemia-covid-19-en-guatemala-23-de-noviembre-2021-7-187x140.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/conferencia-de-prensa-de-autoridades-del-Ministerio-de-Salud-y-Asistencia-Social-MSPAS-sobre-pandemia-covid-19-en-guatemala-23-de-noviembre-20...
https://static.publinews.gt/2021/11/conferencia-de-prensa-de-autoridades-del-Ministerio-de-Salud-y-Asistencia-Social-MSPAS-sobre-pandemia-covid-19-en-guatemala-23-de-noviembre-2021-7-187x140.jpg

6 KB
6 KB

11ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/conferencia-de-prensa-de-autoridades-del-Ministerio-de-Salud-y-Asistencia-Social-MSPAS-sobre-pandemia-covid-19-en-guatemala-23-de-noviembre-2021-7-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 20de6540a404f5dacfa5cc24c2d7b684c4a57725eaba74d7b1896890f1bee73a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Tue, 23 Nov 2021 22:01:52 GMT
Server: nginx/1.20.1
ETag: "619d64d0-181a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6170

Redirect headers

Location: https://static.publinews.gt/2021/11/conferencia-de-prensa-de-autoridades-del-Ministerio-de-Salud-y-Asistencia-Social-MSPAS-sobre-pandemia-covid-19-en-guatemala-23-de-noviembre-2021-7-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-2-300x300.jpg
static.publinews.gt/2021/10/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/10/pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-2-300x300.jpg
https://static.publinews.gt/2021/10/pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-2-300x300.jpg

13 KB
14 KB

12ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/10/pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-2-300x300.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 8b8154f4397a0f47056c7d8191bab547e0c6ea2376a9b920585ea53a44673b1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 31 Oct 2021 17:40:35 GMT
Server: nginx/1.20.1
ETag: "617ed513-35d2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13778

Redirect headers

Location: https://static.publinews.gt/2021/10/pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-2-300x300.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-3-300x300.jpg
static.publinews.gt/2021/10/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/10/pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-3-300x300.jpg
https://static.publinews.gt/2021/10/pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-3-300x300.jpg

24 KB
24 KB

11ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/10/pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-3-300x300.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: d4736026f79754d0c3edd2e36abe9206c1f2adacb98489591bd6ebe586aba75e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 31 Oct 2021 17:40:43 GMT
Server: nginx/1.20.1
ETag: "617ed51b-6105"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24837

Redirect headers

Location: https://static.publinews.gt/2021/10/pandemia-covid-19-coronavirus-guatemala-vacunacion-vacunas-Ministerio-de-Salud-y-Asistencia-Social-guatemaltecos-3-300x300.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

bazar-naviden%CC%83o-sexta-calle-zona-1-1-300x300.jpeg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/bazar-naviden%CC%83o-sexta-calle-zona-1-1-300x300.jpeg
https://static.publinews.gt/2021/11/bazar-naviden%CC%83o-sexta-calle-zona-1-1-300x300.jpeg

28 KB
28 KB

12ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/bazar-naviden%CC%83o-sexta-calle-zona-1-1-300x300.jpeg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: a71821d8ac3fc6df9a79f05609bcfdc958552e02f3c12699c94111cc997ffcae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 23:12:14 GMT
Server: nginx/1.20.1
ETag: "61a40cce-70e1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28897

Redirect headers

Location: https://static.publinews.gt/2021/11/bazar-naviden%CC%83o-sexta-calle-zona-1-1-300x300.jpeg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

PNC-zona-2-secuestro-300x168.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/PNC-zona-2-secuestro-300x168.jpg
https://static.publinews.gt/2021/11/PNC-zona-2-secuestro-300x168.jpg

14 KB
14 KB

13ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/PNC-zona-2-secuestro-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 079caf9cb36d1b9dee92059742618aa5ad7fbb4abb61955232ce8f0ad8679b58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 19:35:56 GMT
Server: nginx/1.20.1
ETag: "61a3da1c-3720"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14112

Redirect headers

Location: https://static.publinews.gt/2021/11/PNC-zona-2-secuestro-300x168.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

vehiculo-volcado-atanasio-300x300.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/vehiculo-volcado-atanasio-300x300.png
https://static.publinews.gt/2021/11/vehiculo-volcado-atanasio-300x300.png

183 KB
183 KB

14ms
13ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/vehiculo-volcado-atanasio-300x300.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: d2d00dfb6d151fde71f7e3322e2f5cba9c25f90d1df0a30365b529fc969f0d94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 17:55:41 GMT
Server: nginx/1.20.1
ETag: "61a3c29d-2dcb2"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187570

Redirect headers

Location: https://static.publinews.gt/2021/11/vehiculo-volcado-atanasio-300x300.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

accidente-zona-7-capita--187x140.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/accidente-zona-7-capita--187x140.jpg
https://static.publinews.gt/2021/11/accidente-zona-7-capita--187x140.jpg

11 KB
11 KB

13ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/accidente-zona-7-capita--187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e4b5a4bf44782e0d726fb9c8284f3a0d3a67c663da155103631b60c7e5f1c708

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 16:00:50 GMT
Server: nginx/1.20.1
ETag: "61a3a7b2-2cd0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11472

Redirect headers

Location: https://static.publinews.gt/2021/11/accidente-zona-7-capita--187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Carrozas-naviden%CC%83as-paseo-sexta-3-187x140.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Carrozas-naviden%CC%83as-paseo-sexta-3-187x140.jpg
https://static.publinews.gt/2021/11/Carrozas-naviden%CC%83as-paseo-sexta-3-187x140.jpg

10 KB
10 KB

14ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/Carrozas-naviden%CC%83as-paseo-sexta-3-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 7cd314eaa2617e6239f43abff91e10b5c4a7fd6dcb43af265b113137903e93c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 01:48:01 GMT
Server: nginx/1.20.1
ETag: "61a2dfd1-27d9"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10201

Redirect headers

Location: https://static.publinews.gt/2021/11/Carrozas-naviden%CC%83as-paseo-sexta-3-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

campan%CC%83a-fiestas-fin-de-an%CC%83o-juntos-nos-cuidamos-publinews12-187x140.jpeg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/campan%CC%83a-fiestas-fin-de-an%CC%83o-juntos-nos-cuidamos-publinews12-187x140.jpeg
https://static.publinews.gt/2021/11/campan%CC%83a-fiestas-fin-de-an%CC%83o-juntos-nos-cuidamos-publinews12-187x140.jpeg

10 KB
10 KB

14ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/campan%CC%83a-fiestas-fin-de-an%CC%83o-juntos-nos-cuidamos-publinews12-187x140.jpeg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: dfbde71fd191f2183e53dfaaa3004a6b5a8bb4bac1142f0cf6d9a186cc4bc75f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sat, 27 Nov 2021 20:17:27 GMT
Server: nginx/1.20.1
ETag: "61a29257-26db"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9947

Redirect headers

Location: https://static.publinews.gt/2021/11/campan%CC%83a-fiestas-fin-de-an%CC%83o-juntos-nos-cuidamos-publinews12-187x140.jpeg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H2

200

GT_PN Show response
ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?rnd=0.9218702018165441&e=ad300x2503:300x250!/GT_PN/ad_300x250_3&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=16381...
https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=ad300x2503:300x250!/GT_PN/ad_300x250_3&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=...

648 B
971 B

16ms
16ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=ad300x2503:300x250!/GT_PN/ad_300x250_3&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 570d442edabab9cca16278684d397019228f00337d4bd81aac65ad0e42a02865

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.publinews.gt
expires: Mon, 29 Nov 2021 04:16:00 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 648
x-sid: AMS-602

Redirect headers

date: Mon, 29 Nov 2021 04:16:00 GMT
server: openresty
access-control-allow-origin: https://www.publinews.gt
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2f15c/168615172/www.publinews.gt/GT_PN?ct=1&rnd=0.9218702018165441&e=ad300x2503:300x250!/GT_PN/ad_300x250_3&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-602

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
78 B 172ms
161ms Script
application/x-javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=fc8627459ce1a8dff572f58e709%7C0&acc=60118&tit=Noticias%252C%2520Deportes%2520y%2520Espect%25E1culos%2520de%2520Guatemala%2520y%2520el%2520Mundo%2520%257C%2520Publinews&url=https%253A%2F%2Fwww.publinews.gt%2Fgt%2F&upd=1&new=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b5904a0ce9a42cf-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=67786404953
https://sync2.navdmp.com/sync?prtid=2&id=67786404953&google_gid=CAESEC31VBbMeFhY2TSyziXdiCg&google_cver=1

6 B
58 B

175ms
166ms

Script
application/javascript

2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=67786404953&google_gid=CAESEC31VBbMeFhY2TSyziXdiCg&google_cver=1
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b5904a2687f42cf-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync2.navdmp.com/sync?prtid=2&id=67786404953&google_gid=CAESEC31VBbMeFhY2TSyziXdiCg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=b86e61a4-53ff-4000-b37d-cc4f52a4e882

43 B
130 B

175ms
166ms

Image
image/gif

2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=b86e61a4-53ff-4000-b37d-cc4f52a4e882
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 6b5904a17f5842cf-FRA
content-length: 43

Redirect headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: MT3 4133 baa842e master zrh-pixel-x25 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://sync.navdmp.com/sync?img=1&mdia=b86e61a4-53ff-4000-b37d-cc4f52a4e882
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 29 Nov 2021 04:15:59 GMT

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
0 125ms
37ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5582 0
0 60ms
60ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstN52UbS-IVaWN8d2ePigKoh-j9iR2gygkmgFKXgumnHGyO48E9lmea6zsu9EURfFIcCc2iLAr9Hb7iDGSIEyXGIG2mKKQQxOvPvB-bIimazs7bePL9HgLajX5qfscvpZV22YhCKtVYX1SR41qm_2qn7n8INEbvHNsxPm_QZ2WnvKxfFXkoEIx_Hhz4PCAMhrki3lGlqPXglHvmcvmGp4EdIn4nHHfDzJi2PZRINbE0rlYdi_kwwh9J0gm0NpCMQc3fxUr-JBd1GwqwKgbZDgRnGIwcOjLAN09rjN5yVLCT54bo3x5vzDxok9p0FKXSgd3srzCkRlKEgtOe9mZT&sai=AMfl-YTT7jpga0FuE5Yovh42sZKnNm3LXlTadKN356VAVVJWL9KLoGO2ZG6lNjdsDVRNdUcsiBaKly1mK6KGjIenLL_d72Mw_lgwVEqdq6uX5ilRZ-wWw7hVgHfIslceImz-&sig=Cg0ArKJSzPyYZVnyZTyLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 29 Nov 2021 04:16:00 GMT

GET
H/1.1 200
OK index.html Show response
publinewsgt.com/ads/2021/8/upa/LayerDK/ Frame C83D 71 KB
71 KB 65ms
11ms Document
text/html 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18 /
Resource Hash: 3867cefd20693bc083d9f54dafd63fe61b42033ebca196219f2e186afd062038

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18
Last-Modified: Wed, 13 Oct 2021 16:52:26 GMT
ETag: "11baf-5ce3ec9770543"
Accept-Ranges: bytes
Content-Length: 72623
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK index.html Show response
publinewsgt.com/ads/2021/8/upa/LayerDK/ Frame 5357 71 KB
71 KB 65ms
11ms Document
text/html 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18 /
Resource Hash: 3867cefd20693bc083d9f54dafd63fe61b42033ebca196219f2e186afd062038

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18
Last-Modified: Wed, 13 Oct 2021 16:52:26 GMT
ETag: "11baf-5ce3ec9770543"
Accept-Ranges: bytes
Content-Length: 72623
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK index.html Show response
publinewsgt.com/ads/2021/8/upa/LayerDK/ Frame 372A 71 KB
71 KB 64ms
11ms Document
text/html 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18 /
Resource Hash: 3867cefd20693bc083d9f54dafd63fe61b42033ebca196219f2e186afd062038

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18
Last-Modified: Wed, 13 Oct 2021 16:52:26 GMT
ETag: "11baf-5ce3ec9770543"
Accept-Ranges: bytes
Content-Length: 72623
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5582 119 KB
36 KB 91ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 04:16:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5582 0
26 B 59ms
59ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 29 Nov 2021 04:16:00 GMT

GET
H/1.1

200
OK

bebe-tabla-snowboard-300x168.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/bebe-tabla-snowboard-300x168.jpg
https://static.publinews.gt/2021/11/bebe-tabla-snowboard-300x168.jpg

13 KB
14 KB

15ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/bebe-tabla-snowboard-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 1189ba00353fe33a7d7b891f033ba61de61ba0dd8ab306dee53c15e5bf6b800a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 22:34:53 GMT
Server: nginx/1.20.1
ETag: "61a4040d-3526"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13606

Redirect headers

Location: https://static.publinews.gt/2021/11/bebe-tabla-snowboard-300x168.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

covid-19-reino-unido-187x140.jpg
static.publinews.gt/2020/12/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/12/covid-19-reino-unido-187x140.jpg
https://static.publinews.gt/2020/12/covid-19-reino-unido-187x140.jpg

9 KB
10 KB

15ms
15ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/12/covid-19-reino-unido-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 8a64dc4eedb0027a63dbca746d85413bf249ff66c9e8ae3085493034a084af53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Tue, 22 Dec 2020 05:30:57 GMT
Server: nginx/1.20.1
ETag: "5fe18491-2541"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9537

Redirect headers

Location: https://static.publinews.gt/2020/12/covid-19-reino-unido-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

elecciones-honduras-2021--187x140.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/elecciones-honduras-2021--187x140.jpg
https://static.publinews.gt/2021/11/elecciones-honduras-2021--187x140.jpg

10 KB
10 KB

15ms
15ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/elecciones-honduras-2021--187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 6423701ef69e19ff906654b7e6850600eeeac8562cc5e1e39242b82e83f65002

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 16:51:14 GMT
Server: nginx/1.20.1
ETag: "61a3b382-27a5"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10149

Redirect headers

Location: https://static.publinews.gt/2021/11/elecciones-honduras-2021--187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

terremoto-peru%CC%81-28-11-2021--187x140.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/terremoto-peru%CC%81-28-11-2021--187x140.png
https://static.publinews.gt/2021/11/terremoto-peru%CC%81-28-11-2021--187x140.png

47 KB
47 KB

15ms
15ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/terremoto-peru%CC%81-28-11-2021--187x140.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 89e06a72524a262aa7a2771cee20a8ac7453932682e61597216a9d22505bbc6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 15:31:09 GMT
Server: nginx/1.20.1
ETag: "61a3a0bd-bcd8"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48344

Redirect headers

Location: https://static.publinews.gt/2021/11/terremoto-peru%CC%81-28-11-2021--187x140.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Cinta-amarilla-crimen--300x300.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Cinta-amarilla-crimen--300x300.png
https://static.publinews.gt/2021/11/Cinta-amarilla-crimen--300x300.png

117 KB
117 KB

14ms
13ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/Cinta-amarilla-crimen--300x300.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: f02b19434ecf5c40e3a6adac393039c961cfb4e4012e9db44dac4be993c0e970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 15 Nov 2021 14:45:47 GMT
Server: nginx/1.20.1
ETag: "6192729b-1d35c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 119644

Redirect headers

Location: https://static.publinews.gt/2021/11/Cinta-amarilla-crimen--300x300.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

coronavirus-reino-unido-1-187x140.jpg
static.publinews.gt/2021/01/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/01/coronavirus-reino-unido-1-187x140.jpg
https://static.publinews.gt/2021/01/coronavirus-reino-unido-1-187x140.jpg

9 KB
9 KB

12ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/01/coronavirus-reino-unido-1-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: d19cd55a7044e88aeb85d8d990587ac9b53188e58d90d70df407a5160bfb46c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 04 Jan 2021 17:59:06 GMT
Server: nginx/1.20.1
ETag: "5ff3576a-24f7"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9463

Redirect headers

Location: https://static.publinews.gt/2021/01/coronavirus-reino-unido-1-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

nueva-cepa-coronavirus-que-se-sabe-hasta-ahora-publinews-187x140.jpg
static.publinews.gt/2020/12/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/12/nueva-cepa-coronavirus-que-se-sabe-hasta-ahora-publinews-187x140.jpg
https://static.publinews.gt/2020/12/nueva-cepa-coronavirus-que-se-sabe-hasta-ahora-publinews-187x140.jpg

10 KB
10 KB

12ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/12/nueva-cepa-coronavirus-que-se-sabe-hasta-ahora-publinews-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 0bb82cbb4908ac55346d09bff4323881464d4ef148a4a9ff6858d94b54f26c27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 21 Dec 2020 19:45:03 GMT
Server: nginx/1.20.1
ETag: "5fe0fb3f-27da"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10202

Redirect headers

Location: https://static.publinews.gt/2020/12/nueva-cepa-coronavirus-que-se-sabe-hasta-ahora-publinews-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

expertos-advierten-covid-19-podria-transmitirse-via-aerea-publinews-187x140.jpg
static.publinews.gt/2020/07/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/07/expertos-advierten-covid-19-podria-transmitirse-via-aerea-publinews-187x140.jpg
https://static.publinews.gt/2020/07/expertos-advierten-covid-19-podria-transmitirse-via-aerea-publinews-187x140.jpg

10 KB
10 KB

12ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/07/expertos-advierten-covid-19-podria-transmitirse-via-aerea-publinews-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 0f418d591ab907ecb2509d4b0f59b21545c190676524cf3c866dabc7553cc488

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 06 Jul 2020 22:29:36 GMT
Server: nginx/1.20.1
ETag: "5f03a5d0-26f4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9972

Redirect headers

Location: https://static.publinews.gt/2020/07/expertos-advierten-covid-19-podria-transmitirse-via-aerea-publinews-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

marcha-mujeres-mexico-2021-300x168.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/marcha-mujeres-mexico-2021-300x168.jpg
https://static.publinews.gt/2021/11/marcha-mujeres-mexico-2021-300x168.jpg

15 KB
15 KB

15ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/marcha-mujeres-mexico-2021-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 6dbf0b9c7b1b389db1b6693e5e406068b4b59edf2d1cce6d23565616d78a81a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Fri, 26 Nov 2021 00:33:58 GMT
Server: nginx/1.20.1
ETag: "61a02b76-3cc2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15554

Redirect headers

Location: https://static.publinews.gt/2021/11/marcha-mujeres-mexico-2021-300x168.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

entrega-balon-de-oro-2021-publinews--640x640.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/entrega-balon-de-oro-2021-publinews--640x640.png
https://static.publinews.gt/2021/11/entrega-balon-de-oro-2021-publinews--640x640.png

614 KB
614 KB

12ms
12ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/entrega-balon-de-oro-2021-publinews--640x640.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: d7fa5bb5982b0fec8dc83ec09e0b5f88fd56615cc30cee091c46c110cff61d5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 22:29:45 GMT
Server: nginx/1.20.1
ETag: "61a402d9-996fc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 628476

Redirect headers

Location: https://static.publinews.gt/2021/11/entrega-balon-de-oro-2021-publinews--640x640.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Vinicius-414x232.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Vinicius-414x232.jpg
https://static.publinews.gt/2021/11/Vinicius-414x232.jpg

20 KB
20 KB

12ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/Vinicius-414x232.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 681f84656bf64b6a41998c6b4140ca1a79f5647634cbc2a628ca4215aa136efc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 22:01:31 GMT
Server: nginx/1.20.1
ETag: "61a3fc3b-4fd7"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20439

Redirect headers

Location: https://static.publinews.gt/2021/11/Vinicius-414x232.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

resultado-partido-mictlan-vs-deportivo-mixco-primera-division-publinews--414x232.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/resultado-partido-mictlan-vs-deportivo-mixco-primera-division-publinews--414x232.png
https://static.publinews.gt/2021/11/resultado-partido-mictlan-vs-deportivo-mixco-primera-division-publinews--414x232.png

233 KB
234 KB

18ms
15ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/resultado-partido-mictlan-vs-deportivo-mixco-primera-division-publinews--414x232.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 0ce828b11c617e79ea290e4ea00e5141cfed0f0276bee0259f5f541a7e9ce26e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 20:28:46 GMT
Server: nginx/1.20.1
ETag: "61a3e67e-3a5dc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 239068

Redirect headers

Location: https://static.publinews.gt/2021/11/resultado-partido-mictlan-vs-deportivo-mixco-primera-division-publinews--414x232.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H2 200 dataxpand_28122020.js Show response
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ 39 KB
14 KB 76ms
29ms Script
application/x-javascript 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by: Host: i.e-planning.net
URL: https://i.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 16:45:03 GMT
server: openresty
etag: W/"5fea0b8f-9a72"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Sat, 28 Nov 2026 04:15:59 GMT

GET
H2 200 / Show response
spl.zeotap.com/ Frame D8DF 8 KB
2 KB 42ms
26ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: i.e-planning.net
URL: https://i.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d83ce8329e05cb6ba55d60878e853e5506f1549b0f39228baf86abfffb4fdfec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.publinews.gt
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b5904a14dcb42d5-FRA
content-encoding: br

GET
H/1.1 200 ptag Show response
a.audrte.com/ 5 KB
2 KB 406ms
101ms Script
text/plain 3.212.173.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptag?p=M1353665098
Requested by: Host: i.e-planning.net
URL: https://i.e-planning.net/layers/hbdfp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.173.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-173-197.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 0cb5d53b3f280131c756bc101bbfdbb368c60d4b55d98b55e0e7b87cc15a74a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1683

GET
H2 200 lotame.js Show response
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ 266 B
415 B 15ms
15ms Script
application/x-javascript 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by: Host: i.e-planning.net
URL: https://i.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 16:18:03 GMT
server: openresty
etag: W/"5fb69abb-10a"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Sat, 28 Nov 2026 04:15:59 GMT

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Db7805fed7af65f9c%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Db7805fed7af65f9c%26uid%3D%24UID&sovrn_retry=true
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=b7805fed7af65f9c&uid=37fafbb702b8c854415d79b2

42 B
104 B

67ms
17ms

Image
image/gif

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=b7805fed7af65f9c&uid=37fafbb702b8c854415d79b2
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=b7805fed7af65f9c&uid=37fafbb702b8c854415d79b2
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK paperBG.png
static.publinews.gt/2020/06/ 102 KB
102 KB 13ms
11ms Image
image/png 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/paperBG.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: a61a648444a16a41ef29c2f3ce95053de667e244321323ea9a669c35768e0397

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 04:48:55 GMT
Server: nginx/1.20.1
ETag: "5ef972b7-19897"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104599

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 79ms
79ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2879591147309984&correlator=2558783899403095&output=ldjh&impl=fif&eid=31060437%2C31060978%2C21068767&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=168615172%2CGT_PN%2Cad_header&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C970x90%7C970x250%7C320x50%7C320x320%7C320x100%7C320x60%7C350x200&cookie=ID%3De72dd9e1a2cc4ae1-22ae10850ccc00b3%3AT%3D1638159360%3AS%3DALNI_Mb9IUHJRMIIHOqnylv5lRuL6kOifA&bc=31&abxe=1&lmt=1638159360&dt=1638159360206&dlt=1638159359375&idt=529&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=8&adks=3455657583&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x50&msz=970x50&psts=AGkb-H9ohpaNzyOPMiGVFPg5B2-TRtntrvLCEJqsoBczuwnkbWnjVKGmLrGHp-IzS1EqZyTCa_FBhqhQET4S4q4N9KIhr6Pag7qpxMs&ga_vid=1219426785.1638159360&ga_sid=1638159360&ga_hid=545057241&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ada5a5d321e3f676297cf3ea6c7bbd31d23887503fc6c54f39aea2855d044a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8871
x-xss-protection: 0
google-lineitem-id: 5821824956
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373543855
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
259 B 72ms
72ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2879591147309984&correlator=2558783899403095&output=ldjh&impl=fif&eid=31060437%2C31060978%2C21068767&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=168615172%2CGT_PN%2Cad_300x250_4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C320x320%7C300x250%7C300x400&cookie=ID%3De72dd9e1a2cc4ae1-22ae10850ccc00b3%3AT%3D1638159360%3AS%3DALNI_Mb9IUHJRMIIHOqnylv5lRuL6kOifA&bc=31&abxe=1&lmt=1638159360&dt=1638159360212&dlt=1638159359375&idt=529&frm=20&biw=1600&bih=1200&oid=2&adxs=805&adys=978&adks=2866513198&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=500x250&msz=500x250&psts=AGkb-H9ohpaNzyOPMiGVFPg5B2-TRtntrvLCEJqsoBczuwnkbWnjVKGmLrGHp-IzS1EqZyTCa_FBhqhQET4S4q4N9KIhr6Pag7qpxMs&ga_vid=1219426785.1638159360&ga_sid=1638159360&ga_hid=545057241&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6d6112648e9204d1bde5b31048c4250c2938f16c159ff90f79f4cd5cea87da11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-90285-12&cid=1219426785.1638159360&jid=608808579&gjid=130976137&_gid=355729448.1638159360&_u=YAjAAUABAAAAAC~&z=1208771543

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 29 Nov 2021 04:16:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-90285-12&cid=1219426785.1638159360&jid=1225385042&gjid=537846658&_gid=355729448.1638159360&_u=YAjAAUABAAAAAC~&z=1759590659

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 29 Nov 2021 04:16:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 59ms
20ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52170176-1&cid=1219426785.1638159360&jid=1655028888&gjid=606713344&_gid=355729448.1638159360&_u=YAjAAUABAAAAAC~&z=137535645

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 29 Nov 2021 04:16:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 63ms
24ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52170176-1&cid=1219426785.1638159360&jid=1872435999&gjid=443891662&_gid=355729448.1638159360&_u=YAjAAUABAAAAAC~&z=44543215

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 29 Nov 2021 04:16:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 63ms
24ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53456215-1&cid=1219426785.1638159360&jid=2127394292&gjid=333028594&_gid=355729448.1638159360&_u=YAhAAEAAAAAAAC~&z=1965327919

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 29 Nov 2021 04:16:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 62ms
24ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53456215-1&cid=1219426785.1638159360&jid=1406993509&gjid=464194488&_gid=355729448.1638159360&_u=YAjAAUABAAAAAC~&z=1835871305

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 29 Nov 2021 04:16:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK opinion-fondo.jpg
static.publinews.gt/2020/06/ 4 KB
4 KB 11ms
11ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-fondo.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 142285bd07a14ae41f00f7a4abfb34d050e788f6d64e3935fda159cef378acab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:06 GMT
Server: nginx/1.20.1
ETag: "5ef9405e-e83"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3715

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 107ms
47ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.publinews.gt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 94ms
47ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.publinews.gt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
259 B 75ms
75ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2879591147309984&correlator=2558783899403095&output=ldjh&impl=fif&eid=31060437%2C31060978%2C21068767&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=168615172%2CGT_PN%2Cad_300x250_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x400%7C300x600%7C320x320&cookie=ID%3De72dd9e1a2cc4ae1-22ae10850ccc00b3%3AT%3D1638159360%3AS%3DALNI_Mb9IUHJRMIIHOqnylv5lRuL6kOifA&bc=31&abxe=1&lmt=1638159360&dt=1638159360251&dlt=1638159359375&idt=529&frm=20&biw=1600&bih=1200&oid=2&adxs=1148&adys=2054&adks=1216183410&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=332x25&msz=332x25&psts=AGkb-H9ohpaNzyOPMiGVFPg5B2-TRtntrvLCEJqsoBczuwnkbWnjVKGmLrGHp-IzS1EqZyTCa_FBhqhQET4S4q4N9KIhr6Pag7qpxMs&ga_vid=1219426785.1638159360&ga_sid=1638159360&ga_hid=545057241&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

1e454c9cbe9148173282ff772bcccce338ff927016a7ab660c333607f610d229

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
258 B 73ms
73ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2879591147309984&correlator=2558783899403095&output=ldjh&impl=fif&eid=31060437%2C31060978%2C21068767&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=168615172%2CGT_PN%2Cad_300x250_3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x400%7C300x600%7C320x320&cookie=ID%3De72dd9e1a2cc4ae1-22ae10850ccc00b3%3AT%3D1638159360%3AS%3DALNI_Mb9IUHJRMIIHOqnylv5lRuL6kOifA&bc=31&abxe=1&lmt=1638159360&dt=1638159360292&dlt=1638159359375&idt=529&frm=20&biw=1600&bih=1200&oid=2&adxs=1148&adys=2841&adks=3649687490&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=332x25&msz=332x25&psts=AGkb-H9ohpaNzyOPMiGVFPg5B2-TRtntrvLCEJqsoBczuwnkbWnjVKGmLrGHp-IzS1EqZyTCa_FBhqhQET4S4q4N9KIhr6Pag7qpxMs&ga_vid=1219426785.1638159360&ga_sid=1638159360&ga_hid=545057241&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

3172a96c957355bc92da68d5c88483ee33d364b7f78de4772728d314b0182f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 publinews.gt.1129387.es6.js Show response
jsc.mgid.com/p/u/ 240 KB
71 KB 40ms
28ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f629148135500ef120ed5573abf7a2016c9a032b2c5a19d3ab7513264b4763df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 2999
last-modified: Thu, 25 Nov 2021 11:22:01 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: V5ED6M00T8RYW6KH
x-amz-id-2: uVFkzOhgM6x935MN/JRInlnT4VP3DB+S0OqYZ2nZjtN7rfyGCMhOOnCIUov5C4xqYHTRXYJxS6o=
cf-bgj: minify
server: cloudflare
etag: W/"762aa59aba69246f81f18cebc54a3a22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6b5904a1f93dc28b-FRA
expires: Mon, 29 Nov 2021 07:16:00 GMT

GET
H2 200 GT_PN Show response
ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/ 646 B
969 B 17ms
15ms XHR
application/json 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?rnd=0.9218702018165441&e=adfooter:1x1!/GT_PN/ad_footer&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: i.e-planning.net
URL: https://i.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 6bd4d060e1744089ea5cfeb86b2f7c4e1d5f629b200d5ba908f655f2b9f3a8ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.publinews.gt
expires: Mon, 29 Nov 2021 04:16:00 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 646
x-sid: AMS-602

GET
H2 200 GT_PN Show response
ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/ 644 B
967 B 17ms
16ms XHR
application/json 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?rnd=0.9218702018165441&e=adskin:1x1!/GT_PN/ad_skin&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: i.e-planning.net
URL: https://i.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 6f0dce8cd4d682fa59faf594019c7175f0c9d5ce5194470507417df0e1ed69dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.publinews.gt
expires: Mon, 29 Nov 2021 04:16:00 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 644
x-sid: AMS-602

GET
H2 200 GT_PN Show response
ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/ 647 B
970 B 16ms
16ms XHR
application/json 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2f15c/168615172/www.publinews.gt/GT_PN?rnd=0.9218702018165441&e=adsponsor:120x40!/GT_PN/ad_sponsor&fv=0&ur=https%3A//www.publinews.gt/gt/&cb=hbepl.rH&ts=1638159360&tz=0&dc=1&facmd5=0&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: i.e-planning.net
URL: https://i.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 76f1e8cac24ea2783e9404ea243e9cb9dfad70254ab2d7bad349217adea6cdde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.publinews.gt
expires: Mon, 29 Nov 2021 04:16:00 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 647
x-sid: AMS-602

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 80ms
80ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2879591147309984&correlator=2558783899403095&output=ldjh&impl=fif&eid=31060437%2C31060978%2C21068767&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=168615172%2CGT_PN%2Cad_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x100%7C970x100&cookie=ID%3De72dd9e1a2cc4ae1-22ae10850ccc00b3%3AT%3D1638159360%3AS%3DALNI_Mb9IUHJRMIIHOqnylv5lRuL6kOifA&bc=31&abxe=1&lmt=1638159360&dt=1638159360316&dlt=1638159359375&idt=529&frm=20&biw=1600&bih=1200&oid=2&adxs=640&adys=1095&adks=3733977308&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&psts=AGkb-H9ohpaNzyOPMiGVFPg5B2-TRtntrvLCEJqsoBczuwnkbWnjVKGmLrGHp-IzS1EqZyTCa_FBhqhQET4S4q4N9KIhr6Pag7qpxMs&ga_vid=1219426785.1638159360&ga_sid=1638159360&ga_hid=545057241&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

1356f193486d07903d18b921764f363c623d35ac231829cce4daf5d80c3b140b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8886
x-xss-protection: 0
google-lineitem-id: 5827003334
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369876780
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 69ms
41ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=82a5233c-57e9-47ce-90c2-f0366b748635&pageId=82680&pid=89486&debug_metadata=JhDA5M5Uk4&fv=917&ts=1638159360328&f=1&referer=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 77ms
48ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=82a5233c-57e9-47ce-90c2-f0366b748635&pageId=82680&pid=89486&slot=native&fv=917&ts=1638159360336&f=1&referer=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/82680/ 537 B
569 B 40ms
39ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/82680/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&page=%7B%22id%22%3A82680%2C%22placements%22%3A%5B%7B%22id%22%3A89486%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A1360%2C%22height%22%3A765%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=82a5233c-57e9-47ce-90c2-f0366b748635&formatVersion=917&env=js-web&netBw=9.7&ttfb=1975
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f78922e6ca28fff748e3fb5f03a281976d6354fec45bdc932a9e0d7453550fd9

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.publinews.gt
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 361
expires: Mon, 29 Nov 2021 04:16:00 GMT

POST
H/1.1 204
No Content / Show response
www.publinews.gt/gt/ 0
222 B 111ms
110ms XHR
text/html 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.publinews.gt/gt/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Cache-Control: max-age=15, s-maxage=0
Server: nginx/1.20.1
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK opinion-giovannifratti.jpg
static.publinews.gt/2020/06/ 5 KB
5 KB 12ms
11ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 1adf337204d2f4cee5264b18e3212be7a93cd619c705e30bf89a3d27192b77f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:17 GMT
Server: nginx/1.20.1
ETag: "5ef94069-1406"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5126

GET
H/1.1 200
OK opinion-luisvalenzuela.jpg
static.publinews.gt/2020/06/ 5 KB
5 KB 12ms
11ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 8195ec559939a3299a302f8e0c182ba87ddc46b9d26de044d2b8b69fd412a645

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:33 GMT
Server: nginx/1.20.1
ETag: "5ef94079-1358"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4952

GET
H/1.1 200
OK opinion-mariaace%C3%B1a.jpg
static.publinews.gt/2020/06/ 6 KB
6 KB 11ms
11ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: a0aad236d91f8a4ccca9299f760e17fff3a18635872a6e38ae4900eead00cd38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:43 GMT
Server: nginx/1.20.1
ETag: "5ef94083-18a4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6308

GET
H/1.1 200
OK opinion-josesanabria.jpg
static.publinews.gt/2020/06/ 5 KB
5 KB 11ms
11ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-josesanabria.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 3f43187776cc2fd671ed841523cc7bfd3d8d4dc3c0a32e0ae3b1b84e32f6d871

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:22 GMT
Server: nginx/1.20.1
ETag: "5ef9406e-1426"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5158

GET
H/1.1 200
OK opinion-default.jpg
static.publinews.gt/2020/06/ 4 KB
5 KB 12ms
12ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-default.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 3be29565ed74ebe94b47d147f84748dc076566e4348c72db227ad8cf72a75f24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 01:13:59 GMT
Server: nginx/1.20.1
ETag: "5ef94057-11a7"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4519

GET
H/1.1 200
OK asyncspc.php Show response
adserver.latinon.com/revive/www/delivery/ 3 KB
3 KB 94ms
94ms XHR
application/json 64.227.27.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://adserver.latinon.com/revive/www/delivery/asyncspc.php?zones=137&prefix=revive-0-&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F

Requested by

Host: adserver.latinon.com
URL: https://adserver.latinon.com/revive/www/delivery/asyncjs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.227.27.145 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e328110ace242b392914a68a9979057a590f95f547f4d37309868460e0222e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 04:16:00 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://www.publinews.gt
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=20
X-Xss-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame 4FBF 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.publinews.gt
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 967675
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 29 Nov 2021 04:16:00 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6711)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 139ms
49ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90285-12&cid=1219426785.1638159360&jid=608808579&_u=YAjAAUABAAAAAC~&z=673675215

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 147ms
55ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90285-12&cid=1219426785.1638159360&jid=608808579&_u=YAjAAUABAAAAAC~&z=673675215

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 108ms
51ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90285-12&cid=1219426785.1638159360&jid=1225385042&_u=YAjAAUABAAAAAC~&z=1187252252

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 126ms
54ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90285-12&cid=1219426785.1638159360&jid=1225385042&_u=YAjAAUABAAAAAC~&z=1187252252

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 105ms
51ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53456215-1&cid=1219426785.1638159360&jid=1406993509&_u=YAjAAUABAAAAAC~&z=316808904

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 126ms
64ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53456215-1&cid=1219426785.1638159360&jid=1406993509&_u=YAjAAUABAAAAAC~&z=316808904

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 71ms
49ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53456215-1&cid=1219426785.1638159360&jid=2127394292&_u=YAhAAEAAAAAAAC~&z=339586789

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 74ms
57ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53456215-1&cid=1219426785.1638159360&jid=2127394292&_u=YAhAAEAAAAAAAC~&z=339586789

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA2B 6 KB
3 KB 88ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 04:16:00 GMT
expires: Tue, 29 Nov 2022 04:16:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

opinion-chechapaiz-150x150.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-chechapaiz-150x150.jpg
https://static.publinews.gt/2020/06/opinion-chechapaiz-150x150.jpg

4 KB
4 KB

11ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-chechapaiz-150x150.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 6c25b976778ba4a030773a7897d64c44197eb5e393115ff8367c9d78aeffdc3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 04:38:44 GMT
Server: nginx/1.20.1
ETag: "5ef97054-10c0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4288

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-chechapaiz-150x150.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-giovannifratti.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-giovannifratti.jpg
https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg

5 KB
5 KB

12ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 1adf337204d2f4cee5264b18e3212be7a93cd619c705e30bf89a3d27192b77f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:17 GMT
Server: nginx/1.20.1
ETag: "5ef94069-1406"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5126

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-josesanabria.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-josesanabria.jpg
https://static.publinews.gt/2020/06/opinion-josesanabria.jpg

5 KB
5 KB

11ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-josesanabria.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 3f43187776cc2fd671ed841523cc7bfd3d8d4dc3c0a32e0ae3b1b84e32f6d871

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:22 GMT
Server: nginx/1.20.1
ETag: "5ef9406e-1426"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5158

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-josesanabria.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-julissamartinez-150x150.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-julissamartinez-150x150.jpg
https://static.publinews.gt/2020/06/opinion-julissamartinez-150x150.jpg

5 KB
5 KB

12ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-julissamartinez-150x150.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 0da563d8fc4e14fac20984e96e83406f2554ee1bef09f5de660a7662c1713ecc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 04:38:42 GMT
Server: nginx/1.20.1
ETag: "5ef97052-1256"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4694

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-julissamartinez-150x150.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-luisvalenzuela.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-luisvalenzuela.jpg
https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg

5 KB
5 KB

11ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 8195ec559939a3299a302f8e0c182ba87ddc46b9d26de044d2b8b69fd412a645

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:33 GMT
Server: nginx/1.20.1
ETag: "5ef94079-1358"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4952

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-mariaace%C3%B1a.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-mariaace%C3%B1a.jpg
https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg

6 KB
6 KB

12ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: a0aad236d91f8a4ccca9299f760e17fff3a18635872a6e38ae4900eead00cd38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:43 GMT
Server: nginx/1.20.1
ETag: "5ef94083-18a4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6308

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-nelsonleal-150x150.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-nelsonleal-150x150.jpg
https://static.publinews.gt/2020/06/opinion-nelsonleal-150x150.jpg

6 KB
6 KB

12ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-nelsonleal-150x150.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e91580f860a460f66df16f1383f3a285780216e698edf0407e07ff45ff1cd0c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 04:38:41 GMT
Server: nginx/1.20.1
ETag: "5ef97051-1838"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6200

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-nelsonleal-150x150.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-paolarivano.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-paolarivano.jpg
https://static.publinews.gt/2020/06/opinion-paolarivano.jpg

6 KB
6 KB

12ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-paolarivano.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: cf85242e9b3ceb7147907911c2f6a14da84b99d06aba24c4daad28cbbf93209b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:53 GMT
Server: nginx/1.20.1
ETag: "5ef9408d-181a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6170

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-paolarivano.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

resultados-semifinales-ida-primera-division-publinews-3-414x232.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/resultados-semifinales-ida-primera-division-publinews-3-414x232.jpg
https://static.publinews.gt/2021/11/resultados-semifinales-ida-primera-division-publinews-3-414x232.jpg

22 KB
22 KB

11ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/resultados-semifinales-ida-primera-division-publinews-3-414x232.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 9097e9aa5f0e2f0970398a99f585c28e6d5bc8ae49b7cbf90392bb5ca20b7147

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 21 Nov 2021 20:08:59 GMT
Server: nginx/1.20.1
ETag: "619aa75b-57c1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22465

Redirect headers

Location: https://static.publinews.gt/2021/11/resultados-semifinales-ida-primera-division-publinews-3-414x232.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Coban-Municipal-apertura-2021-3-640x640.jpeg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Coban-Municipal-apertura-2021-3-640x640.jpeg
https://static.publinews.gt/2021/11/Coban-Municipal-apertura-2021-3-640x640.jpeg

114 KB
114 KB

11ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/Coban-Municipal-apertura-2021-3-640x640.jpeg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 522952d0caabfa72aa2f8176cfa730db841a186cf2a1c368b9fe23929350e060

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 17:57:02 GMT
Server: nginx/1.20.1
ETag: "61a3c2ee-1c6ff"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 116479

Redirect headers

Location: https://static.publinews.gt/2021/11/Coban-Municipal-apertura-2021-3-640x640.jpeg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

victoria-del-PSG-5-414x232.jpeg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/victoria-del-PSG-5-414x232.jpeg
https://static.publinews.gt/2021/11/victoria-del-PSG-5-414x232.jpeg

27 KB
28 KB

13ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/victoria-del-PSG-5-414x232.jpeg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 2142ed8f8fea43747c0cf437c69568199c8f0cc7bf01d40d5263ffbfb75eaf02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 13:59:38 GMT
Server: nginx/1.20.1
ETag: "61a38b4a-6d3c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27964

Redirect headers

Location: https://static.publinews.gt/2021/11/victoria-del-PSG-5-414x232.jpeg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

encanto-disney-300x168.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/encanto-disney-300x168.jpg
https://static.publinews.gt/2021/11/encanto-disney-300x168.jpg

19 KB
19 KB

12ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/encanto-disney-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 42fa529d67919fa8d028c501b4e86c9509e1906dfbdd859a2ed36dc44e46d881

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 29 Nov 2021 00:18:56 GMT
Server: nginx/1.20.1
ETag: "61a41c70-4b11"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19217

Redirect headers

Location: https://static.publinews.gt/2021/11/encanto-disney-300x168.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

ricardo-arjona-publinews-187x140.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/ricardo-arjona-publinews-187x140.jpg
https://static.publinews.gt/2021/11/ricardo-arjona-publinews-187x140.jpg

6 KB
6 KB

11ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/ricardo-arjona-publinews-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 172b4854a57c9a20da3a239720ac32a7812203b910be2f21a7086cf10fa0854e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 16:40:30 GMT
Server: nginx/1.20.1
ETag: "61a3b0fe-1794"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6036

Redirect headers

Location: https://static.publinews.gt/2021/11/ricardo-arjona-publinews-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Irina-Baeva-187x140.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Irina-Baeva-187x140.jpg
https://static.publinews.gt/2021/11/Irina-Baeva-187x140.jpg

10 KB
11 KB

12ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/Irina-Baeva-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e82f4cb5ae64f84778900ed5c54ff08812b7335059b7fe70ab5e12472a155e15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sat, 27 Nov 2021 19:29:14 GMT
Server: nginx/1.20.1
ETag: "61a2870a-29da"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10714

Redirect headers

Location: https://static.publinews.gt/2021/11/Irina-Baeva-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Dannia-Guevara-1-187x140.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Dannia-Guevara-1-187x140.jpg
https://static.publinews.gt/2021/11/Dannia-Guevara-1-187x140.jpg

6 KB
7 KB

12ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/Dannia-Guevara-1-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 71cdbee8ab5e8b9b8f8d545bc6c55216e2a5aa238ab99e48d2a62c14d441731f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sat, 27 Nov 2021 17:57:31 GMT
Server: nginx/1.20.1
ETag: "61a2718b-19b1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6577

Redirect headers

Location: https://static.publinews.gt/2021/11/Dannia-Guevara-1-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

lobo-vasquez-festeja-no-estara-memo-ochoa-en-partido-mexico-vs-guatemala-publinews-2-300x300.jpg
static.publinews.gt/2020/09/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/09/lobo-vasquez-festeja-no-estara-memo-ochoa-en-partido-mexico-vs-guatemala-publinews-2-300x300.jpg
https://static.publinews.gt/2020/09/lobo-vasquez-festeja-no-estara-memo-ochoa-en-partido-mexico-vs-guatemala-publinews-2-300x300.jpg

14 KB
15 KB

14ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/09/lobo-vasquez-festeja-no-estara-memo-ochoa-en-partido-mexico-vs-guatemala-publinews-2-300x300.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: ed81e69986e50c71b697014856768374491d45dbb6a3addf819ce3e13b2b72b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Wed, 30 Sep 2020 20:39:34 GMT
Server: nginx/1.20.1
ETag: "5f74ed06-39ef"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14831

Redirect headers

Location: https://static.publinews.gt/2020/09/lobo-vasquez-festeja-no-estara-memo-ochoa-en-partido-mexico-vs-guatemala-publinews-2-300x300.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Cindy-Crawford-hija-en-topless-187x140.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Cindy-Crawford-hija-en-topless-187x140.jpg
https://static.publinews.gt/2021/11/Cindy-Crawford-hija-en-topless-187x140.jpg

8 KB
8 KB

14ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/Cindy-Crawford-hija-en-topless-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 449fbd34fc9ddf0bc8ce99871be2cd91b708b6ba3a888db2adce595ccc886450

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Fri, 26 Nov 2021 19:17:16 GMT
Server: nginx/1.20.1
ETag: "61a132bc-1e75"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7797

Redirect headers

Location: https://static.publinews.gt/2021/11/Cindy-Crawford-hija-en-topless-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Celia-Lora-187x140.jpg
static.publinews.gt/2021/10/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/10/Celia-Lora-187x140.jpg
https://static.publinews.gt/2021/10/Celia-Lora-187x140.jpg

6 KB
6 KB

15ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/10/Celia-Lora-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e8f9da93a6450e35f60021a598c53da6961cb711caa8bbda11cdaf792752dfe8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Tue, 05 Oct 2021 19:14:45 GMT
Server: nginx/1.20.1
ETag: "615ca425-186a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6250

Redirect headers

Location: https://static.publinews.gt/2021/10/Celia-Lora-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

kimberly-flores-publinews-3-187x140.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/kimberly-flores-publinews-3-187x140.png
https://static.publinews.gt/2021/11/kimberly-flores-publinews-3-187x140.png

49 KB
49 KB

14ms
13ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/kimberly-flores-publinews-3-187x140.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 5340961cc2751c4b61e6b902a73348101135416b53e842a0e7a1ae5409e45eaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Fri, 26 Nov 2021 01:35:36 GMT
Server: nginx/1.20.1
ETag: "61a039e8-c2ce"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49870

Redirect headers

Location: https://static.publinews.gt/2021/11/kimberly-flores-publinews-3-187x140.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

kpop-publinews--300x168.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/kpop-publinews--300x168.jpg
https://static.publinews.gt/2021/11/kpop-publinews--300x168.jpg

20 KB
21 KB

14ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/kpop-publinews--300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 9dd0fa5273465330e7f6a2b4657910545ca6105067064577c882862f7357b876

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Fri, 26 Nov 2021 00:39:01 GMT
Server: nginx/1.20.1
ETag: "61a02ca5-51fe"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20990

Redirect headers

Location: https://static.publinews.gt/2021/11/kpop-publinews--300x168.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

el-tecnico-del-internet-publinews-1-1-414x232.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/el-tecnico-del-internet-publinews-1-1-414x232.png
https://static.publinews.gt/2021/11/el-tecnico-del-internet-publinews-1-1-414x232.png

154 KB
154 KB

12ms
11ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/el-tecnico-del-internet-publinews-1-1-414x232.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e654d29906ec7673a72e9a397a744162b66281cb9f834b34104d5c8719c8e203

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Thu, 25 Nov 2021 23:57:46 GMT
Server: nginx/1.20.1
ETag: "61a022fa-2681e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 157726

Redirect headers

Location: https://static.publinews.gt/2021/11/el-tecnico-del-internet-publinews-1-1-414x232.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

yanetgarciasinma-0acce5e144a9e3fce9c066023b835291-187x140.jpg
static.publinews.gt/2019/12/17/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2019/12/17/yanetgarciasinma-0acce5e144a9e3fce9c066023b835291-187x140.jpg
https://static.publinews.gt/2019/12/17/yanetgarciasinma-0acce5e144a9e3fce9c066023b835291-187x140.jpg

4 KB
4 KB

12ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2019/12/17/yanetgarciasinma-0acce5e144a9e3fce9c066023b835291-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: d6bb9d39bae35865d68eac5a651d0bfaa05c0ddf75d9f20b76f38289867ea30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 12 Jul 2020 20:23:48 GMT
Server: nginx/1.20.1
ETag: "5f0b7154-107b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4219

Redirect headers

Location: https://static.publinews.gt/2019/12/17/yanetgarciasinma-0acce5e144a9e3fce9c066023b835291-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

alicia-machado-y-roberto-romano-187x140.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/alicia-machado-y-roberto-romano-187x140.jpg
https://static.publinews.gt/2021/11/alicia-machado-y-roberto-romano-187x140.jpg

9 KB
9 KB

13ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/alicia-machado-y-roberto-romano-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 0ba39d56cb112c7a8776e6a4b8287bcecfbf1f4909340962569532dd995243e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Thu, 25 Nov 2021 15:38:43 GMT
Server: nginx/1.20.1
ETag: "619fae03-2265"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8805

Redirect headers

Location: https://static.publinews.gt/2021/11/alicia-machado-y-roberto-romano-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

madonnatoplessinstagram-f054acf11873e2ff60f5f9dfcc98335f-414x232.jpg
static.publinews.gt/2018/01/29/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2018/01/29/madonnatoplessinstagram-f054acf11873e2ff60f5f9dfcc98335f-414x232.jpg
https://static.publinews.gt/2018/01/29/madonnatoplessinstagram-f054acf11873e2ff60f5f9dfcc98335f-414x232.jpg

20 KB
20 KB

12ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2018/01/29/madonnatoplessinstagram-f054acf11873e2ff60f5f9dfcc98335f-414x232.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 9db28eafbede298448562088ea5752930925564ce7f57d47af45c48eb710a85a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 05 Jul 2020 02:46:44 GMT
Server: nginx/1.20.1
ETag: "5f013f14-4fd9"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20441

Redirect headers

Location: https://static.publinews.gt/2018/01/29/madonnatoplessinstagram-f054acf11873e2ff60f5f9dfcc98335f-414x232.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Hijo-de-Arnold-Schwarzenegger-187x140.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Hijo-de-Arnold-Schwarzenegger-187x140.jpg
https://static.publinews.gt/2021/11/Hijo-de-Arnold-Schwarzenegger-187x140.jpg

8 KB
8 KB

12ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/Hijo-de-Arnold-Schwarzenegger-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: afdcea0f0312450b432c976f511fff685242315e8883991efdec19b0d2673c40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Thu, 25 Nov 2021 13:43:57 GMT
Server: nginx/1.20.1
ETag: "619f931d-20b6"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8374

Redirect headers

Location: https://static.publinews.gt/2021/11/Hijo-de-Arnold-Schwarzenegger-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

laurabozzo-0a7dcb2071e3f42be201c4202ab760dc-187x140.jpg
static.publinews.gt/2020/04/30/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/04/30/laurabozzo-0a7dcb2071e3f42be201c4202ab760dc-187x140.jpg
https://static.publinews.gt/2020/04/30/laurabozzo-0a7dcb2071e3f42be201c4202ab760dc-187x140.jpg

6 KB
6 KB

12ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/04/30/laurabozzo-0a7dcb2071e3f42be201c4202ab760dc-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 01cdbb8282b78160bf6eb29d2a5f8d56c46786a59011f9b673998d58c2c78917

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sat, 04 Jul 2020 16:08:44 GMT
Server: nginx/1.20.1
ETag: "5f00a98c-1646"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5702

Redirect headers

Location: https://static.publinews.gt/2020/04/30/laurabozzo-0a7dcb2071e3f42be201c4202ab760dc-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

PORTADA-PUBLINEWS-26-NOVIEMBRE-2021.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/PORTADA-PUBLINEWS-26-NOVIEMBRE-2021.jpg
https://static.publinews.gt/2021/11/PORTADA-PUBLINEWS-26-NOVIEMBRE-2021.jpg

671 KB
671 KB

12ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/PORTADA-PUBLINEWS-26-NOVIEMBRE-2021.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 319b3af03638ca0a6230938f9a10efbf626ea827abb3d421f624ca0246541286

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Fri, 26 Nov 2021 05:50:31 GMT
Server: nginx/1.20.1
ETag: "61a075a7-a7ae1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 686817

Redirect headers

Location: https://static.publinews.gt/2021/11/PORTADA-PUBLINEWS-26-NOVIEMBRE-2021.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

lucio-madre-pareja-asesinato-300x300.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/lucio-madre-pareja-asesinato-300x300.png
https://static.publinews.gt/2021/11/lucio-madre-pareja-asesinato-300x300.png

138 KB
138 KB

15ms
15ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/lucio-madre-pareja-asesinato-300x300.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: fa68fd8807e8bddeeaf830bea8063ce7ea6c13aefc663519d7e8132649385dac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sun, 28 Nov 2021 21:13:33 GMT
Server: nginx/1.20.1
ETag: "61a3f0fd-22623"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 140835

Redirect headers

Location: https://static.publinews.gt/2021/11/lucio-madre-pareja-asesinato-300x300.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Best-Buy-robo-300x168.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Best-Buy-robo-300x168.png
https://static.publinews.gt/2021/11/Best-Buy-robo-300x168.png

78 KB
78 KB

23ms
22ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/Best-Buy-robo-300x168.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 38b0418bb58311b229df6d057463806e2d7662e3025a29c03d9a867f294c3e00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sat, 27 Nov 2021 21:02:28 GMT
Server: nginx/1.20.1
ETag: "61a29ce4-137a0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79776

Redirect headers

Location: https://static.publinews.gt/2021/11/Best-Buy-robo-300x168.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

foto-de-recurso-de-una-prueba-de-covid-187x140.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/foto-de-recurso-de-una-prueba-de-covid-187x140.jpg
https://static.publinews.gt/2021/11/foto-de-recurso-de-una-prueba-de-covid-187x140.jpg

3 KB
3 KB

22ms
22ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/foto-de-recurso-de-una-prueba-de-covid-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 7947be9205ded58b4d9b84f7282ef6a1c47dcfdc7b2376c123e0422af16a8fa6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Sat, 27 Nov 2021 18:49:55 GMT
Server: nginx/1.20.1
ETag: "61a27dd3-cd7"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3287

Redirect headers

Location: https://static.publinews.gt/2021/11/foto-de-recurso-de-una-prueba-de-covid-187x140.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

influencer-famosa-hombre-50-an%CC%83os1-187x140.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/influencer-famosa-hombre-50-an%CC%83os1-187x140.png
https://static.publinews.gt/2021/11/influencer-famosa-hombre-50-an%CC%83os1-187x140.png

61 KB
61 KB

25ms
25ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/influencer-famosa-hombre-50-an%CC%83os1-187x140.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 9a09c63687d35293c35bb6c47767c2700b2505f3c22e700ef8499db3dda30392

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Fri, 26 Nov 2021 23:50:43 GMT
Server: nginx/1.20.1
ETag: "61a172d3-f2ce"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62158

Redirect headers

Location: https://static.publinews.gt/2021/11/influencer-famosa-hombre-50-an%CC%83os1-187x140.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

accidente-choca-seis-carros-Argentina-187x140.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/accidente-choca-seis-carros-Argentina-187x140.png
https://static.publinews.gt/2021/11/accidente-choca-seis-carros-Argentina-187x140.png

40 KB
40 KB

23ms
23ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/accidente-choca-seis-carros-Argentina-187x140.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: b96ac399e4e6f213767cbd0072921d6df80645506591f72319a80a78450f3421

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Fri, 26 Nov 2021 19:13:22 GMT
Server: nginx/1.20.1
ETag: "61a131d2-9e3b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40507

Redirect headers

Location: https://static.publinews.gt/2021/11/accidente-choca-seis-carros-Argentina-187x140.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

juan-jose-castillo-black-friday-300x300.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/juan-jose-castillo-black-friday-300x300.jpg
https://static.publinews.gt/2021/11/juan-jose-castillo-black-friday-300x300.jpg

21 KB
21 KB

11ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/juan-jose-castillo-black-friday-300x300.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 0d2bea0baca294527c0a64e2cfda428b169b4e91f0e0d3fa51c971d8d70079fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Fri, 26 Nov 2021 05:41:47 GMT
Server: nginx/1.20.1
ETag: "61a0739b-52f8"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21240

Redirect headers

Location: https://static.publinews.gt/2021/11/juan-jose-castillo-black-friday-300x300.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

mujer-se-traga-auriculares-inalambricos-pastilla-300x300.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/mujer-se-traga-auriculares-inalambricos-pastilla-300x300.png
https://static.publinews.gt/2021/11/mujer-se-traga-auriculares-inalambricos-pastilla-300x300.png

119 KB
119 KB

11ms
11ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/mujer-se-traga-auriculares-inalambricos-pastilla-300x300.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 71141f40b7c1212d504ec64130c530f48db14c7510c560730fb0b717fe5e1327

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Thu, 25 Nov 2021 17:52:44 GMT
Server: nginx/1.20.1
ETag: "619fcd6c-1db82"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 121730

Redirect headers

Location: https://static.publinews.gt/2021/11/mujer-se-traga-auriculares-inalambricos-pastilla-300x300.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

black-friday-ofertas-centro-comercial-spectrum-publinews-1-300x300.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/black-friday-ofertas-centro-comercial-spectrum-publinews-1-300x300.png
https://static.publinews.gt/2021/11/black-friday-ofertas-centro-comercial-spectrum-publinews-1-300x300.png

155 KB
155 KB

12ms
11ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/black-friday-ofertas-centro-comercial-spectrum-publinews-1-300x300.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: eb826b9e130ebac2b9dc77bea9c1c744128f5a9414984592cdaf2ad918059fe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Wed, 24 Nov 2021 01:19:40 GMT
Server: nginx/1.20.1
ETag: "619d932c-26ae8"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 158440

Redirect headers

Location: https://static.publinews.gt/2021/11/black-friday-ofertas-centro-comercial-spectrum-publinews-1-300x300.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

luces-campero-show-guatemala-2021-emisoras-unidas-publinews-1-300x168.jpeg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/luces-campero-show-guatemala-2021-emisoras-unidas-publinews-1-300x168.jpeg
https://static.publinews.gt/2021/11/luces-campero-show-guatemala-2021-emisoras-unidas-publinews-1-300x168.jpeg

10 KB
10 KB

11ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/luces-campero-show-guatemala-2021-emisoras-unidas-publinews-1-300x168.jpeg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 3139db5bbf7fe4c04b0a9fd138c8b3ac7c59e036d3a2bd6cbe3d24b8cf4ffd01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 22 Nov 2021 19:06:35 GMT
Server: nginx/1.20.1
ETag: "619bea3b-2845"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10309

Redirect headers

Location: https://static.publinews.gt/2021/11/luces-campero-show-guatemala-2021-emisoras-unidas-publinews-1-300x168.jpeg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

gran-bazar-fetiche-noviembre-fragancias-ofertas-publinews-5-300x168.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/gran-bazar-fetiche-noviembre-fragancias-ofertas-publinews-5-300x168.png
https://static.publinews.gt/2021/11/gran-bazar-fetiche-noviembre-fragancias-ofertas-publinews-5-300x168.png

80 KB
80 KB

11ms
11ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/gran-bazar-fetiche-noviembre-fragancias-ofertas-publinews-5-300x168.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 7c90f22dc5fcf5f1507a2585690df809988f26d96cefe3aa23f5817857dfd031

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Mon, 22 Nov 2021 17:46:50 GMT
Server: nginx/1.20.1
ETag: "619bd78a-13f3e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81726

Redirect headers

Location: https://static.publinews.gt/2021/11/gran-bazar-fetiche-noviembre-fragancias-ofertas-publinews-5-300x168.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

universidad-galileo-alcanza-millon-estudiantes-edx-clases-virtuales-publinews-1-300x168.png
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/universidad-galileo-alcanza-millon-estudiantes-edx-clases-virtuales-publinews-1-300x168.png
https://static.publinews.gt/2021/11/universidad-galileo-alcanza-millon-estudiantes-edx-clases-virtuales-publinews-1-300x168.png

91 KB
91 KB

12ms
11ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/universidad-galileo-alcanza-millon-estudiantes-edx-clases-virtuales-publinews-1-300x168.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 65431286e84e46ad86d064d3bfed2de9da3d32dc4f8c9fd28750302f890e8324

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Tue, 16 Nov 2021 18:49:25 GMT
Server: nginx/1.20.1
ETag: "6193fd35-16b9a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93082

Redirect headers

Location: https://static.publinews.gt/2021/11/universidad-galileo-alcanza-millon-estudiantes-edx-clases-virtuales-publinews-1-300x168.png
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Licores-de-Guatemala-300x168.jpg
static.publinews.gt/2021/11/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/11/Licores-de-Guatemala-300x168.jpg
https://static.publinews.gt/2021/11/Licores-de-Guatemala-300x168.jpg

9 KB
9 KB

11ms
11ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/11/Licores-de-Guatemala-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 Altrip, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 12eed69c3b6138f2c1478a1a8ced6f7193a356cb37cf4b3751de6b10946a35f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Last-Modified: Wed, 17 Nov 2021 21:35:15 GMT
Server: nginx/1.20.1
ETag: "61957593-2465"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9317

Redirect headers

Location: https://static.publinews.gt/2021/11/Licores-de-Guatemala-300x168.jpg
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame C83D 134 KB
46 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: publinewsgt.com
URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86441c9a21f4c77dcbb2a4f020d904179f15c8e9b35f3f85d5d053ee62c13232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://publinewsgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46298
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 04:20:34 GMT

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 5357 134 KB
45 KB 184ms
96ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: publinewsgt.com
URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86441c9a21f4c77dcbb2a4f020d904179f15c8e9b35f3f85d5d053ee62c13232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://publinewsgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46298
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 04:20:34 GMT

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 372A 134 KB
45 KB 217ms
132ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: publinewsgt.com
URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86441c9a21f4c77dcbb2a4f020d904179f15c8e9b35f3f85d5d053ee62c13232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://publinewsgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46298
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 04:20:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5582 0
0 105ms
59ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfB_gL3QPI1Zb59QWiVJpH9kpSYIg_1aYBmlL6vai0DSZ7qpCOAy4KwzmimH3ylSOF8cn7RWN-eewVRqHxr01NhmG6YwTFxwyq1G0e-tcVJm3nZx-amrpvRrCY53av17eqArfrnhao7GrZL_izFq3CsxqNk0Y9vgN5MiabUuH3yY6x_MbcX-LBlzzIeINAwHnKrt7YKFNPNDzmDHXciOZy3ARr7a-Ir2RVqvdEbEgOVGsUNIpf6gu5epDY3sgR8NSJFUw88OxRIIZYerbfZ1L2vTY12q94LJt90yjV4sycc8cNu_jnu733MCPfHz8087Pi&sai=AMfl-YRhtWEp3Wh1yvcrYm8F16_QGaPq22T_TWnxbdTBYEe1dXF9LSwGd70OWa9v5P6ot9XeRhXVRdb6fcBHK9y3nKjQY5JXJtSNY9SHIKAiNkdCT382A5o1n5PhWWziJ31J&sig=Cg0ArKJSzFpAhefShfRyEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 29 Nov 2021 04:16:00 GMT

GET
DATA 200
OK truncated
/ Frame 5582 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 759b95af1ac5509ca5590cd9ac5aa7d792f42affeb4c33b123215c43b1934eae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame D8DF 0
0 34ms
6ms Image
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55...
https://mwzeom.zeotap.com/mw?google_gid=CAESEPWxX607ECcXnAnhV7od0Uo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d...

95 B
164 B

36ms
31ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEPWxX607ECcXnAnhV7od0Uo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a3b8ab42d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEPWxX607ECcXnAnhV7od0Uo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=4022b571-2bf9-447f-bdd3-6ab87424af39&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9...

95 B
153 B

18ms
17ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=4022b571-2bf9-447f-bdd3-6ab87424af39&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a4091342d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=4022b571-2bf9-447f-bdd3-6ab87424af39&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame D8DF 0
331 B 77ms
22ms Image
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Dd...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Dd...
https://mwzeom.zeotap.com/mw?cid=646e248e-bc67-48ca-8f5b-e472d1b7d497&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9...

95 B
153 B

21ms
20ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=646e248e-bc67-48ca-8f5b-e472d1b7d497&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a4597242d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=646e248e-bc67-48ca-8f5b-e472d1b7d497&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame D8DF 0
161 B 44ms
19ms Image
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638159361.564561,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4034-HHN

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame D8DF 0
411 B 581ms
106ms Image
text/html 2600:1f18:6593:f607:1e48:63e3:baf2:55da
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f607:1e48:63e3:baf2:55da Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 04:16:01 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D8DF 0
166 B 72ms
18ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcbe4019-3893-4fd3-5562-e693783720b2%26reqId%3Ddaec8d48-0d09-4fb9-55c9-98fa74ed1af4%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:15:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=136...
https://mwzeom.zeotap.com/mw?cid=996d38c9-6a71-40d2-be91-dd02eda6bacc&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
153 B

19ms
18ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=996d38c9-6a71-40d2-be91-dd02eda6bacc&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a4799d42d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=996d38c9-6a71-40d2-be91-dd02eda6bacc&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=fcbe4019-3893-4fd3-5562-e693783720b2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=fcbe4019-3893-4fd3-5562-e693783720b2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=68954712913946408102542763565108005005&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-...

95 B
153 B

16ms
16ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=68954712913946408102542763565108005005&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a4799a42d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v020-0e7ef095f.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Bc7WPAoXSbU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=68954712913946408102542763565108005005&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame D8DF 0
324 B 145ms
29ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=fcbe4019-3893-4fd3-5562-e693783720b2&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-...
https://mwzeom.zeotap.com/mw?cid=BE1-2021112905-88281-0.708348001638159365-ca1dcb6325c77f9bbe1d0ac4b67c18c9&zdid=533&env=mWeb

95 B
153 B

19ms
19ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2021112905-88281-0.708348001638159365-ca1dcb6325c77f9bbe1d0ac4b67c18c9&zdid=533&env=mWeb
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a4193242d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2021112905-88281-0.708348001638159365-ca1dcb6325c77f9bbe1d0ac4b67c18c9&zdid=533&env=mWeb
Date: Mon, 29 Nov 2021 04:16:05 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7035840876843759764&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-...

95 B
153 B

24ms
21ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7035840876843759764&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a4091142d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7035840876843759764&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame D8DF
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=fcbe4019-3893-4fd3-5562-e693783720b2
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=fcbe4019-3893-4fd3-5562-e693783720b2

95 B
425 B

21ms
19ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=fcbe4019-3893-4fd3-5562-e693783720b2

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=fcbe4019-3893-4fd3-5562-e693783720b2
date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=fcbe4019-3893-4fd3-5562-e693783720b2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=fcbe4019-3893-4fd3-5562-e693783720b2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=qFQlYr.5jzky1nQP6UOlrO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4f...

95 B
153 B

16ms
15ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=qFQlYr.5jzky1nQP6UOlrO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a479a242d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
last-modified: Mon, 29 Nov 2021 04:16:00 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=qFQlYr.5jzky1nQP6UOlrO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame D8DF 36 B
334 B 64ms
14ms Image
image/gif 89.163.159.106
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=fcbe4019-3893-4fd3-5562-e693783720b2&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.106 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=fcbe4019-3893-4fd3-5562-e693783720b2?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=fcbe4019-3893-4fd3-5562-e693783720b2?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=edc9d904ff18d47d89b255cb51e23e66&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d...

95 B
153 B

24ms
24ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=edc9d904ff18d47d89b255cb51e23e66&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a53aa642d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=edc9d904ff18d47d89b255cb51e23e66&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
cache-control: no-cache
x-server: 10.45.19.188
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-sIYG6yBE2opRtA558d1V9_xEtoXpFfDDEg--~A&zpartnerid=570&env=mWeb

95 B
153 B

16ms
16ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-sIYG6yBE2opRtA558d1V9_xEtoXpFfDDEg--~A&zpartnerid=570&env=mWeb
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a3c8c642d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Mon, 29 Nov 2021 04:16:00 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-sIYG6yBE2opRtA558d1V9_xEtoXpFfDDEg--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=XPYYWYzWK41618NjfJNQvj8ODzQXxdVV%2BS41iYitP1U%3D

95 B
153 B

17ms
17ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=XPYYWYzWK41618NjfJNQvj8ODzQXxdVV%2BS41iYitP1U%3D
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a479a642d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=XPYYWYzWK41618NjfJNQvj8ODzQXxdVV%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame D8DF 43 B
324 B 54ms
20ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=fcbe4019-3893-4fd3-5562-e693783720b2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame D8DF 0
338 B 107ms
32ms Image
text/plain 52.208.185.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.185.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-185-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=102 t=1638159360
x-served-by: beacon-n011-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame D8DF 95 B
361 B 48ms
13ms Image
image/png 168.119.79.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=fcbe4019-3893-4fd3-5562-e693783720b2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.223.79.119.168.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YaRUAAAIGMd3TQBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98f...

95 B
153 B

17ms
17ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YaRUAAAIGMd3TQBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361&_test=YaRUAAAIGMd3TQBR
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a55ac942d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1638159361.848753,VS0,VE0
x-served-by: cache-hhn4039-HHN
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YaRUAAAIGMd3TQBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361&_test=YaRUAAAIGMd3TQBR
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=b86e61a4-53ff-4000-b37d-cc4f52a4e882&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d4...

95 B
153 B

19ms
18ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=b86e61a4-53ff-4000-b37d-cc4f52a4e882&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a4da1042d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x13 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=b86e61a4-53ff-4000-b37d-cc4f52a4e882&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 29 Nov 2021 04:15:59 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame D8DF
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed...

0
337 B

30ms
30ms

Image
text/plain

52.208.185.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 52.208.185.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-185-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
cache-control: private, no-cache, no-store
x-request-time: D=50 t=1638159361
x-served-by: beacon-n001-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
date: Mon, 29 Nov 2021 04:16:00 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a012-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame D8DF
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fcbe4019-3893-4fd3-5562-e693783720b2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-556...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fcbe4019-3893-4fd3-5562-e693783720b2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-556...

43 B
645 B

30ms
29ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fcbe4019-3893-4fd3-5562-e693783720b2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361&dcc=t

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 04:16:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 7T4K7TRPM86GGAK14ANQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 04:16:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5THZH7499S9YYAFPH59X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fcbe4019-3893-4fd3-5562-e693783720b2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://tags.bluekai.com/site/87734?id=fcbe4019-3893-4fd3-5562-e693783720b2&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

95 B
176 B

17ms
17ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a69cc142d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date: Mon, 29 Nov 2021 04:16:01 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 6834
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D8DF
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfcb...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361

95 B
153 B

16ms
16ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6b5904a5eb7b42d5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
date: Mon, 29 Nov 2021 04:16:00 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame D8DF 557 B
498 B 27ms
27ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065e8db3f7fafeab0aba372652272fccc6b486bc46671f9e544338c0bae284ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cf-ray: 6b5904a3685242d5-FRA
date: Mon, 29 Nov 2021 04:16:00 GMT
via: 1.1 google
cf-cache-status: MISS
last-modified: Mon, 29 Nov 2021 04:16:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H3 200 container.html Show response
14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FAFA 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 04:16:00 GMT
expires: Tue, 29 Nov 2022 04:16:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 329 B
160 B 75ms
74ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2879591147309984&correlator=2558783899403095&output=ldjh&impl=fif&eid=31060437%2C31060978%2C21068767&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=168615172%2CGT_PN%2Cad_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&cookie=ID%3De72dd9e1a2cc4ae1%3AT%3D1638159360%3AS%3DALNI_MYTkNYIISGDG2NeSKgG5uZgO8cxVg&bc=31&abxe=1&lmt=1638159360&dt=1638159360491&dlt=1638159359375&idt=529&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=9540&adks=27636735&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x9531&msz=1600x0&psts=AGkb-H9ohpaNzyOPMiGVFPg5B2-TRtntrvLCEJqsoBczuwnkbWnjVKGmLrGHp-IzS1EqZyTCa_FBhqhQET4S4q4N9KIhr6Pag7qpxMs%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H828Y5TXdDQmFg0qx83CgJpWlC18IIcA9Tlo_EE5EH_PuDP1x1E6iEo1VFfgkHJFfeahXWLfFPU-tg1BFNO6WE7Izferg%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-X8_MEz0v-w66Jj5sbJXIx1umrEGv4qEACWqfgkoZ9yWL6P--627j6h34YpZ6ISvmLtRav2VD7l-5wSRz86w6bI-c18WC5cV1X7hN1d2Xv&ga_vid=1219426785.1638159360&ga_sid=1638159360&ga_hid=545057241&ga_fc=true&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

eb0341ecfdc597668e83e947cff801f03ffa1062815bca99d06954c1e5fefaf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 327 B
159 B 73ms
72ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2879591147309984&correlator=2558783899403095&output=ldjh&impl=fif&eid=31060437%2C31060978%2C21068767&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=168615172%2CGT_PN%2Cad_skin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C4x4&cookie=ID%3De72dd9e1a2cc4ae1%3AT%3D1638159360%3AS%3DALNI_MYTkNYIISGDG2NeSKgG5uZgO8cxVg&bc=31&abxe=1&lmt=1638159360&dt=1638159360498&dlt=1638159359375&idt=529&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=9540&adks=3787344750&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x9531&msz=1600x0&psts=AGkb-H9ohpaNzyOPMiGVFPg5B2-TRtntrvLCEJqsoBczuwnkbWnjVKGmLrGHp-IzS1EqZyTCa_FBhqhQET4S4q4N9KIhr6Pag7qpxMs%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H828Y5TXdDQmFg0qx83CgJpWlC18IIcA9Tlo_EE5EH_PuDP1x1E6iEo1VFfgkHJFfeahXWLfFPU-tg1BFNO6WE7Izferg%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-X8_MEz0v-w66Jj5sbJXIx1umrEGv4qEACWqfgkoZ9yWL6P--627j6h34YpZ6ISvmLtRav2VD7l-5wSRz86w6bI-c18WC5cV1X7hN1d2Xv&ga_vid=1219426785.1638159360&ga_sid=1638159360&ga_hid=545057241&ga_fc=true&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f0b8faab1d5d6a454cc2fd73242aeedfac046b39bfc8c9f0053ce13d20eee19b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 330 B
161 B 79ms
78ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2879591147309984&correlator=2558783899403095&output=ldjh&impl=fif&eid=31060437%2C31060978%2C21068767&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=168615172%2CGT_PN%2Cad_sponsor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x40&cookie=ID%3De72dd9e1a2cc4ae1%3AT%3D1638159360%3AS%3DALNI_MYTkNYIISGDG2NeSKgG5uZgO8cxVg&bc=31&abxe=1&lmt=1638159360&dt=1638159360505&dlt=1638159359375&idt=529&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=9540&adks=1143347988&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x9531&msz=1600x0&psts=AGkb-H9ohpaNzyOPMiGVFPg5B2-TRtntrvLCEJqsoBczuwnkbWnjVKGmLrGHp-IzS1EqZyTCa_FBhqhQET4S4q4N9KIhr6Pag7qpxMs%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H828Y5TXdDQmFg0qx83CgJpWlC18IIcA9Tlo_EE5EH_PuDP1x1E6iEo1VFfgkHJFfeahXWLfFPU-tg1BFNO6WE7Izferg%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-X8_MEz0v-w66Jj5sbJXIx1umrEGv4qEACWqfgkoZ9yWL6P--627j6h34YpZ6ISvmLtRav2VD7l-5wSRz86w6bI-c18WC5cV1X7hN1d2Xv&ga_vid=1219426785.1638159360&ga_sid=1638159360&ga_hid=545057241&ga_fc=true&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

959ca14c61ba90f56a1a27a5c318777eb3e3bf190e97943c28d1b3a08db0c8ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lo-vslider-v1207.min.js Show response
dkae4asr0dphj.cloudfront.net/js/ 78 KB
23 KB 64ms
7ms Script
application/javascript 2600:9000:2156:ea00:18:e253:91c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkae4asr0dphj.cloudfront.net/js/lo-vslider-v1207.min.js
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:e253:91c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5fcac8deea68bd29bbfae3c778ff3464a1025b08d03be9d8c5eb48a4844ecde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: ismEw5HeqWSpH_S1EWRlygq.wxe9bqvQ
content-encoding: gzip
last-modified: Tue, 27 Jul 2021 13:31:20 GMT
server: AmazonS3
age: 27600
etag: W/"0865a7806e079fa1291455cc873fc2f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
date: Sun, 28 Nov 2021 20:36:00 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Fba9slHjKx-QnMnx5Eq_K43daxYH6XgyJ4MgPYNUe1-p7u_ULFThww==

GET
H/1.1 200
OK lg.php
adserver.latinon.com/revive/www/delivery/ 43 B
580 B 101ms
100ms Image
image/gif 64.227.27.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adserver.latinon.com/revive/www/delivery/lg.php?bannerid=488&campaignid=125&zoneid=137&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&cb=7110536949

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.227.27.145 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 04:16:00 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=20
X-Xss-Protection: 1; mode=block
Expires: 0

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/15238/ 38 KB
11 KB 52ms
7ms Script
application/json 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 28 Nov 2021 20:40:11 GMT
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 15:35:12 GMT
server: AmazonS3
age: 27350
etag: W/"2b2f816f40499d384e118ce88a266e02"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: YQHVZk1MQLXhoTv-G-pE7kcog48X0dj1h6oWrLALVbpEPWoyqLSbVg==

GET
H2 204 cmp
spl.zeotap.com/ Frame D8DF 0
0 25ms
25ms Document
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b5904a3c8cc42d5-FRA

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame CA2B 19 KB
8 KB 122ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
URL: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 03:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 03:45:04 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CA2B 22 KB
7 KB 169ms
88ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
URL: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 29 Nov 2022 04:16:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA2B 119 KB
36 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
URL: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 04:16:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame FAFA 19 KB
8 KB 157ms
78ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
URL: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 03:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 03:45:04 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FAFA 22 KB
7 KB 125ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
URL: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 10:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 10:12:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAFA 119 KB
36 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
URL: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 04:16:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 4FBF 232 B
446 B 142ms
121ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=f1f5d9310cdf4bbdf0a61407a36fcf65dce510d3

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.publinews.gt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 29 Nov 2021 04:16:00 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 04:16:00 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: ec2d5a4e118b2ceaef6f3103b8876bb02d3c1a2403f2c90ec9000e0af08cf987
content-length: 166

GET
H3 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame CA2B 109 KB
38 KB 84ms
37ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
URL: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
Origin: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 15:59:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 15:59:15 GMT

GET
H2 200 / Show response
vast.aniview.com/api/adserver61/vast/ 819 B
1 KB 230ms
109ms XHR
text/xml 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=5d31fb2628a06116ff22aef3&AV_CHANNELID=5f4452d76e685a1c474b9879&AV_URL=[%%REFERRER_URL_ESC_ESC%%]&cb=[%%CACHEBUSTER%%]&AV_WIDTH=%%WIDTH%%&AV_HEIGHT=%%HEIGHT%%
Requested by: Host: dkae4asr0dphj.cloudfront.net
URL: https://dkae4asr0dphj.cloudfront.net/js/lo-vslider-v1207.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7a1a6c8e06998082ac95645a908b3e98db06233a0693fd00034e795e5c120203

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/xml
access-control-allow-origin: https://www.publinews.gt
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 819
expires: Mon, 29 Nov 2021 04:16:01 GMT

GET
H2 200 close.jpg
dkae4asr0dphj.cloudfront.net/images/ 2 KB
2 KB 8ms
7ms Image
image/jpeg 2600:9000:2156:ea00:18:e253:91c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkae4asr0dphj.cloudfront.net/images/close.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:18:e253:91c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e68f4b07bdaf1c80bfb00f4d3d3a25aea3ae8d4022d6df6d0127f624961f9496

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Wed, 07 Mar 2018 14:07:48 GMT
server: AmazonS3
age: 27617
etag: "bb4035b8e640193e3d64574dbb6e6d95"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Sun, 28 Nov 2021 20:35:53 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1844
x-amz-cf-id: y8CEyq8UBfeX7OdiOcMS06gIwuMnwbpWLeYwvTtbcYHpwkkIyHr1cQ==

GET
H3 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame FAFA 109 KB
38 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
URL: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
Origin: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 15:59:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 15:59:15 GMT

GET
H/1.1 200
OK moment~timeline.c7de492113f2eac2bb49ff9013aa2889.js Show response
platform.twitter.com/js/ 25 KB
8 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.c7de492113f2eac2bb49ff9013aa2889.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: de8383d06a56f08749ed99ad3d43911fe88072a79e9148e2d1dead390f64893f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:52 GMT
Server: ECS (frb/67BC)
Age: 967675
Etag: "643f975645cfdfec2ae02aad7fbc9eea+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8013

GET
H/1.1 200
OK timeline.55167c7072ca7f4363bf18820295ba93.js Show response
platform.twitter.com/js/ 20 KB
7 KB 16ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.55167c7072ca7f4363bf18820295ba93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: 888bc5618973079f4a157c8c94b0afe382e7e957306429c5880e032c83fb8e0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:52 GMT
Server: ECS (frb/67AA)
Age: 967670
Etag: "9539ec9d4bc5c1e5b1953004a6456c51+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6441

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/464412/61516332/1637989320058/header%20normal/ Frame E666 71 KB
18 KB 86ms
40ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/464412/61516332/1637989320058/header%20normal/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4559fbce3949045143b9991f6a0ff26c442d133a8b3164fe83c887d529b5a517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 18632
date: Sun, 28 Nov 2021 09:04:13 GMT
expires: Mon, 29 Nov 2021 09:04:13 GMT
last-modified: Sat, 27 Nov 2021 05:02:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 69107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CA2B 0
23 B 59ms
58ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpsdAZdCt1sV7DDRR84NEdt5wPFt5GvJTrKZoBfqrzjgpXnmn8NygJowmQK7BST2EYXTdeahsK9jH8SMFiUeGiK8D7M71u2Vh7yB3Jd44Wl3wP3--DzFTa0X-ZP0aIzRWZ-Gk9Hry72fGvBKp0Bb-v4scw76cnnZp_cgbaNuEB2urE6Vr1fEgYEy6eWUnr2yfK4jOaSQXi6b9Es_SEMXY40jZigySlt-aIGwpFyYgBcrw-5RqRPKqLuA19lE8p7fzVp3-d17r04p9OYJiId-x2Y2lLJrkOGbehLqV3blZO5LWix0FPsGzBU80tDH8&sig=Cg0ArKJSzM8eUpQ2FZIkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
URL: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 170 KB
14 KB 353ms
330ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_PublinewsGT_old&dnt=false&domain=www.publinews.gt&lang=es&screen_name=PublinewsGT&suppress_response_codes=true&t=1820177&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

e4cdd3d24b12334206807ffc17048fdf6d1d0694072c81fdc05c5f8249f636d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 14127
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 309
last-modified: Mon, 29 Nov 2021 04:16:01 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 0b9ffe70ec8459623e5bde3e529da85b59fa6386197bef278694453914dd487d
timing-allow-origin: *
x-transaction: 4215b7f024b90108
expires: Mon, 29 Nov 2021 04:21:01 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/464412/4895593409/1634144161824/dk/ Frame 963D 71 KB
18 KB 59ms
43ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/464412/4895593409/1634144161824/dk/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

893e5747a8a162b5cbb7784466461bbdd94a5b5ca4451764979da7bf0c69fa36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 18666
date: Sun, 28 Nov 2021 09:04:13 GMT
expires: Mon, 29 Nov 2021 09:04:13 GMT
last-modified: Wed, 13 Oct 2021 16:56:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 69107
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAFA 0
23 B 59ms
58ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZRGQcgp0gHNHnThyBJkb3SoZm4NfDlkVoTW1_vHdURDAWAlQ7wZbTq5H6MTl54Zw8egek0vCtfloH41SGU0p_Ky2Uc2aCnWVj4xawx6zdbMYX57_XqbAt8kyYsBQxayQWKphlbsufUt2nWE2zh5wrkgW02kg4XTBK5vGsR6daV9aZvndxX3J2x6l2hDXpK5dJy3xXLxbgyH8KlgGmBWHNrkriN4GrzBKvPguswD70470ExssFtxJXCrJtjDG-THYX_g3tBtEJJe7XdZ2JP3ehXyLQULr6QgHWR214xO3SrV7dVIKYulj5F8T2Ge4&sig=Cg0ArKJSzCxYZLsKRtPzEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
URL: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 04:16:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 DcmEnabler_01_243.js Show response
s0.2mdn.net/879366/ Frame 963D 29 KB
10 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_243.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/464412/4895593409/1634144161824/dk/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/464412/4895593409/1634144161824/dk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 15:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10603
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 01:55:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 15:54:46 GMT

GET
H3 200 DcmEnabler_01_243.js Show response
s0.2mdn.net/879366/ Frame E666 29 KB
10 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_243.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/464412/61516332/1637989320058/header%20normal/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/464412/61516332/1637989320058/header%20normal/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 15:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10603
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 01:55:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 15:54:46 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame B97F 364 KB
103 KB 23ms
7ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Requested by: Host: dkae4asr0dphj.cloudfront.net
URL: https://dkae4asr0dphj.cloudfront.net/js/lo-vslider-v1207.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: c432f39b6ed36d73635f0dbf81de0567182c55d99423e906d82a33dfa4e2b02e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduqo8RJ8HR1PpoBDvsf0pIKBnsqkqDC26Qe1CauYM_H_buc99xIIMaG6n9qKE3m0fJdm39UXZxyA_qa-5si2Uc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 104516
last-modified: Tue, 23 Nov 2021 08:10:28 GMT
server: UploadServer
etag: "3f2c83ec579fd16705f18ec65a2b02f0"
vary: Accept-Encoding
x-goog-hash: crc32c=bVfBZQ==, md5=PyyD7Fef0WcF8Y7GWisC8A==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1637655028521635
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 104516
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 29 Nov 2021 04:21:01 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAFA 0
0 59ms
58ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHvhTggF1jrvYMLd1pPRVnbvUSnxIIF6M_FoFTU-6ekYK-ZXp4FUEfiHQyFrw8rUzCIcei89ycW1_ganVe0ILPsUpv_O9p4uPrEgY7HzHs7fj6YPOdyJ6EZfE2DrG0RTlS1kLB9EUJDOJlIahjuncE6AzfBDeQKb3gSsEFynCy2dp35y72uzQcMI6yqpYIRFOCxDIdIYG6JBhuTvUUnpFYGCJY7hniPJbGIn45kz_h8xu13keawiw8PjbcwRhPOl449LxwUV_0Gp88oaCMwfid0IUzhvLo-9KJHrx0416fKSYHFo62yM6FlrxGSuOTxA&sig=Cg0ArKJSzC0hn7_tiycyEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 29 Nov 2021 04:16:01 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CA2B 0
0 59ms
58ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6LWfI_cNPXFG8fsX9dAAyA-JLO3D0JaVVsDZNwIo9l0SWjIL57PlEO2485tUk9zcofUVTFoBPdbVj9VBdbl3tfsDHx4zA98vWjWW2y3DYWhO1WvVaebrllmfq0fPEoByvrPHFpFXxOMvAqEAfKP5Lu7MdoGPwlXP6R9KmBdDZKWwhd5P0Uaw0XGRU6u1Ms_lYbAjhGZK1W-yfFB4htDJg4-IH6OBiRBDMwTfJ_W_wTGIAtSiqcaAGpD36H8emUpxm_3a6SEtTiuZBA8hUdUjMUpIJQSOQ_i-X3ACxG_0c56WLuM4OO67r_nns_9tV5w&sig=Cg0ArKJSzGFumVPv4JZ4EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 29 Nov 2021 04:16:01 GMT

GET
H3 200 2.jpg
s0.2mdn.net/dfp/464412/4895593409/1634144161824/dk/ Frame 963D 29 KB
29 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/464412/4895593409/1634144161824/dk/2.jpg

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

912c4c41d8cdfdc18db66b83a077d2d32b25214a5b11006046678b5db263d19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/464412/4895593409/1634144161824/dk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 21:35:20 GMT
x-content-type-options: nosniff
age: 24041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29768
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 16:56:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 21:35:20 GMT

GET
H3 200 1.jpg
s0.2mdn.net/dfp/464412/4895593409/1634144161824/dk/ Frame 963D 29 KB
29 KB 52ms
51ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/464412/4895593409/1634144161824/dk/1.jpg

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f287a0eb7bf83583fd215fb1a2ef597390932d2fbb07b6785d539648a0e864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/464412/4895593409/1634144161824/dk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 21:35:20 GMT
x-content-type-options: nosniff
age: 24041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29209
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 16:56:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 21:35:20 GMT

GET
H3 200 2.jpg
s0.2mdn.net/dfp/464412/61516332/1637989320058/header%20normal/ Frame E666 105 KB
105 KB 86ms
86ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/464412/61516332/1637989320058/header%20normal/2.jpg

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de919ef8bb324fe3a49490a07f1e4090b4af332836db1098331971108a611f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/464412/61516332/1637989320058/header%20normal/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Nov 2021 05:02:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107972
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 04:16:01 GMT

GET
H3 200 1.jpg
s0.2mdn.net/dfp/464412/61516332/1637989320058/header%20normal/ Frame E666 105 KB
105 KB 131ms
130ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/464412/61516332/1637989320058/header%20normal/1.jpg

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de919ef8bb324fe3a49490a07f1e4090b4af332836db1098331971108a611f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/464412/61516332/1637989320058/header%20normal/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Nov 2021 05:02:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107972
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 04:16:01 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 368ms
169ms Image
text/plain 52.73.70.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.publinews.gt&sn=&ic=0&tgt=1&app=&wi=480&he=270&test=&d36=6.1.2.89&apppkg=&fv=1&proto=https&pid=5d31fb2628a06116ff22aef3&cid=5f4452d76e685a1c474b9879&stagid=&stplid=&e=inventory&vi=100&cb=1638159361118
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.70.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-70-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
gov.aniview.com/api/adserver/tag/ 17 KB
4 KB 380ms
151ms XHR
application/json 54.146.189.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gov.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&AV_CHANNELID=5f4452d76e685a1c474b9879&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&pce=1&npx=1&AV_DETDOMAIN=www.publinews.gt&AV_DADPOS=1&d36=6.1.2.89&sver=1&avtoken=361118&AV_WIDTH=480&AV_HEIGHT=270&AV_DNT=0&cb=1638159361133
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.189.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-189-157.compute-1.amazonaws.com
Software: /
Resource Hash: bf31a093438aaa469977520bf95a0d986b6d5aac2a0109709d69e602031bda60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Nov 2021 14:29:21 GMT

GET
DATA 200
OK truncated
/ Frame B97F 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
c.mgid.com/pv/ 0
280 B 65ms
56ms Script
text/plain 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1638159361149737554921&uniqId=0ede3&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&lu=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=61a45401-040d8&pageView=1&pvid=17d69e8247ea434dd44&site=708914&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b5904a74cb64ed3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 27ms
18ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 2464
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: TV9EGYWE00S199ZT
x-amz-id-2: PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6b5904a75cd84ed3-FRA
expires: Tue, 30 Nov 2021 04:16:01 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
904 B 26ms
17ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 2463
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6b5904a75cdb4ed3-FRA
expires: Tue, 30 Nov 2021 04:16:01 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1129387/ 3 KB
2 KB 68ms
59ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1129387/1?pv=5&cbuster=1638159361225478057122&uniqId=0ede3&niet=4g&nisd=false&jsv=es6&w=1360&h=308&p3_w=326&p3_h=248&maxw_3=326&maxh_3=248&cols=4&ref=&cxurl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&lu=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=61a45401-040d8&pageView=1&pvid=17d69e8247ea434dd44&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f522ff3202b7c63bc8aba9d3c56963ee4a4bc6477a5ec3498bc62055872134f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b5904a7bd364ed3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 NmUO3H0x
pbs.twimg.com/card_img/1465161098072580096/ Frame E8AD 34 KB
34 KB 32ms
22ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465161098072580096/NmUO3H0x?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A8) /

Resource Hash

6b820fb99ab86da66fab0ebdbb099cad41e6431766f78e887c60585f882aae50

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 1367
x-cache: MISS
content-length: 34364
x-response-time: 226
surrogate-key: card_img card_img/bucket/2 card_img/1465161098072580096
last-modified: Mon, 29 Nov 2021 03:28:01 GMT
server: ECS (frb/67A8)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c106a9a21fb8a54b3ec13265321b008e1c796f88ac84b29ed093bdf916ef9ba1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 3hdwj74l
pbs.twimg.com/card_img/1465147745132589065/ Frame E8AD 55 KB
55 KB 25ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465147745132589065/3hdwj74l?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) /

Resource Hash

569c316c92130ef0fa343d640a6ea9cbb64923de4e9707e9bd0eca8dd11a12a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 1367
x-cache: MISS
content-length: 56419
x-response-time: 250
surrogate-key: card_img card_img/bucket/1 card_img/1465147745132589065
last-modified: Mon, 29 Nov 2021 02:34:58 GMT
server: ECS (frb/67C1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a4c746c39aa43d37a09a2d9af9128f8d292e63ddd1fb0868451017c5925e2729
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 umpjYrha
pbs.twimg.com/card_img/1465126910464307205/ Frame E8AD 27 KB
27 KB 38ms
29ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465126910464307205/umpjYrha?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/675D) /

Resource Hash

800b08cefce5fb7380e3133c0b7a8b6e6a7fa779c1cc42b7c2d40a64c7f57bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 10416
x-cache: MISS
content-length: 27604
x-response-time: 249
surrogate-key: card_img card_img/bucket/4 card_img/1465126910464307205
last-modified: Mon, 29 Nov 2021 01:12:10 GMT
server: ECS (frb/675D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 43a0db12f2645a1845b30ae7e2b6fa3c54192f551690199a154bd7ab783d22de
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1sWelQ8g
pbs.twimg.com/card_img/1465126973986979845/ Frame E8AD 44 KB
44 KB 38ms
28ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465126973986979845/1sWelQ8g?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6731) /

Resource Hash

1133355be75f91efecc6366167fde50cfc402509f7b55c034ecdb3811678abd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 10854
x-cache: MISS
content-length: 44903
x-response-time: 278
surrogate-key: card_img card_img/bucket/3 card_img/1465126973986979845
last-modified: Mon, 29 Nov 2021 01:12:25 GMT
server: ECS (frb/6731)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fd930b239c696df6863debeab8d0990a66373353cf414d8e5c25f2951766a0a9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 _QyV3r2g
pbs.twimg.com/card_img/1465108642949173255/ Frame E8AD 39 KB
40 KB 37ms
28ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465108642949173255/_QyV3r2g?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) /

Resource Hash

050aa9ec6094750bbc959ee2e2bd3f50395f7e5448879bfb9e86985040b54f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 12728
x-cache: MISS
content-length: 40277
x-response-time: 259
surrogate-key: card_img card_img/bucket/8 card_img/1465108642949173255
last-modified: Sun, 28 Nov 2021 23:59:35 GMT
server: ECS (frb/67A7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ed6dc03bac74ad0153db35c74dd3f276c5c1db2d2767dc2080456ab83d4cb1de
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f1ec-1f1f9.png
abs.twimg.com/emoji/v2/72x72/ Frame E8AD 638 B
1004 B 33ms
10ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1ec-1f1f9.png

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FDD) /

Resource Hash

cd79957826023b93eab46e5e3719d77b72dadecac521341e572fa9ebb4b19dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 12408211
x-ton-expected-size: 638
x-cache: HIT
content-length: 638
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:26 GMT
server: ECAcc (frc/8FDD)
etag: "bg9/Nqym4eyDkrpkhf7yAg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 232b86fcecfc599dd20383ffb6d66d60
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 29 Nov 2022 04:16:01 GMT

GET
H2 200 1f949.png
abs.twimg.com/emoji/v2/72x72/ Frame E8AD 946 B
1 KB 34ms
11ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f949.png

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F51) /

Resource Hash

c8593c2996b948cb3854d0a3c46666cbeccfa205050f5d42716da3326857525f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 12764609
x-ton-expected-size: 946
x-cache: HIT
content-length: 946
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Fri, 18 Jan 2019 20:58:10 GMT
server: ECAcc (frc/8F51)
etag: "kSFSMA1Bw7YwcDNEp9zMfw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2231ea5c8adf6caa9933df01475a7a0c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 29 Nov 2022 04:16:01 GMT

GET
H2 200 1f4f7.png
abs.twimg.com/emoji/v2/72x72/ Frame E8AD 640 B
786 B 35ms
13ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4f7.png

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E9C) /

Resource Hash

b1fcb4195f263e661c3fd4acc656f32e8a467ee28f50ba995cda9bb7902ae746

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 12509335
x-ton-expected-size: 640
x-cache: HIT
content-length: 640
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:13:30 GMT
server: ECAcc (frc/8E9C)
etag: "4XWDdaCoyjFfbfkO2aF0UA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 421ae822be87915742f4dfd8edb3c89a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 29 Nov 2022 04:16:01 GMT

GET
H2 200 IRnDNCBx
pbs.twimg.com/card_img/1465107145276461056/ Frame E8AD 175 KB
176 KB 32ms
28ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465107145276461056/IRnDNCBx?format=png&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

1a09fe33a55d9a430e4889891492cd7ebd2c839259aa9f1e2fc0b67a908388d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 14947
x-cache: MISS
content-length: 179537
x-response-time: 272
surrogate-key: card_img card_img/bucket/7 card_img/1465107145276461056
last-modified: Sun, 28 Nov 2021 23:53:38 GMT
server: ECS (frb/67F2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c795b04e40646d31cfa05b37560b8566a02ba2f043d8be0846898be719784a6a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GIpOvpHe
pbs.twimg.com/card_img/1465099349059256323/ Frame E8AD 30 KB
30 KB 16ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465099349059256323/GIpOvpHe?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

32da9aa631e908c60315f445f8a44e4808940c2fcb7a1840c8c2e8e3f6c62353

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 17225
x-cache: MISS
content-length: 30750
x-response-time: 237
surrogate-key: card_img card_img/bucket/3 card_img/1465099349059256323
last-modified: Sun, 28 Nov 2021 23:22:39 GMT
server: ECS (frb/6794)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ea300058187bf842f8a2cea20ef76deb9229fdaf43a2619c91cdecd2e38ed575
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 j44wN2ku
pbs.twimg.com/card_img/1465098435191873543/ Frame E8AD 50 KB
50 KB 16ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465098435191873543/j44wN2ku?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C2) /

Resource Hash

31f24a77df42abbe0d016c67f92cffb81a0d9b18d456e164072622dd460e2d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 17409
x-cache: MISS
content-length: 51259
x-response-time: 280
surrogate-key: card_img card_img/bucket/0 card_img/1465098435191873543
last-modified: Sun, 28 Nov 2021 23:19:01 GMT
server: ECS (frb/67C2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e4b77bcf863c741de55dc65a4fef256052583edf8c44df43bf2230beb381abcd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 26bd.png
abs.twimg.com/emoji/v2/72x72/ Frame E8AD 1 KB
1 KB 13ms
12ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/26bd.png

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F24) /

Resource Hash

325f22f082d877326c2920368c869974f59eabee083b21c8f96bb995ce6c6acb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 12943388
x-ton-expected-size: 1324
x-cache: HIT
content-length: 1324
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:14:28 GMT
server: ECAcc (frc/8F24)
etag: "cNI7AIkuD5pWwWcZFPq2ug=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2c654534b375ab4864c9aebb61ce539d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 29 Nov 2022 04:16:01 GMT

GET
H2 200 1f3c5.png
abs.twimg.com/emoji/v2/72x72/ Frame E8AD 1 KB
1 KB 16ms
16ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f3c5.png

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E99) /

Resource Hash

1dca76e973cb230decf4598a9772cf449a9fd5baad85dd30136e7da56aae695d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 9366618
x-ton-expected-size: 1059
x-cache: HIT
content-length: 1059
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Fri, 18 Jan 2019 20:56:37 GMT
server: ECAcc (frc/8E99)
etag: "lsWX/z63nu06Nts77AMQmQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: c985c046ef6eb659fbf74bebf22f954ec631316b6398e0ce5fd8fc4257a9737b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 29 Nov 2022 04:16:01 GMT

GET
H2 200 jUWgI0GL
pbs.twimg.com/card_img/1465079179016380425/ Frame E8AD 36 KB
36 KB 17ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465079179016380425/jUWgI0GL?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

c344293ae037d3d1d273dbaf5416057c6652851f15c7df86c819cac766a3ff24

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 22273
x-cache: MISS
content-length: 36726
x-response-time: 336
surrogate-key: card_img card_img/bucket/2 card_img/1465079179016380425
last-modified: Sun, 28 Nov 2021 22:02:30 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bf6e456c683a57e2d9f8e376ad23f9935e662d0bcedaaa06627518fd4d11d063
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 26aa.png
abs.twimg.com/emoji/v2/72x72/ Frame E8AD 411 B
572 B 17ms
16ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/26aa.png

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FEA) /

Resource Hash

1c4e14ec79b11cbb61ae9332942ec90a44f26fe59e1b6455c570c38818e4df00

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 12252546
x-ton-expected-size: 411
x-cache: HIT
content-length: 411
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECAcc (frc/8FEA)
etag: "dafZ82eoaODaCiLiAxTcJg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 94b8be0827387c81429baf76bada0c1778eef0d1b89068805eb94bd4e1954ba5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 29 Nov 2022 04:16:01 GMT

GET
H2 200 1f534.png
abs.twimg.com/emoji/v2/72x72/ Frame E8AD 411 B
546 B 17ms
16ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f534.png

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F87) /

Resource Hash

8357d105502700ba0d88bc4b5e7e0e03a6c43506e63f7db2c4d644621f2e4827

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 13489933
x-ton-expected-size: 411
x-cache: HIT
content-length: 411
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:26 GMT
server: ECAcc (frc/8F87)
etag: "kEsHbz06CYCGlWgw3CnvcA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 8c3b1d302d3e6bb5bc2c17a2d62fba9d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 29 Nov 2022 04:16:01 GMT

GET
H2 200 1f3df.png
abs.twimg.com/emoji/v2/72x72/ Frame E8AD 1 KB
1 KB 16ms
15ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f3df.png

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F0A) /

Resource Hash

4a51d17e2ae6c6997ddb2a88d2304c20f64a1cb968f43a9b5e6dbec12a9c7f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 11389040
x-ton-expected-size: 1237
x-cache: HIT
content-length: 1237
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:33 GMT
server: ECAcc (frc/8F0A)
etag: "bsydaOExb+ZfS/AtKlvJKw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: fad26cf412a1f71678dad79c1ca4a5fe7d951eec824b72ab9321ca55a2ea83a0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 29 Nov 2022 04:16:01 GMT

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame E8AD 53 KB
12 KB 7ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:49 GMT
Server: ECS (frb/6796)
Age: 967676
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 7ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:49 GMT
Server: ECS (frb/6796)
Age: 967676
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 nECWRbnd_normal.jpg
pbs.twimg.com/profile_images/1356118975776759808/ Frame E8AD 2 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1356118975776759808/nECWRbnd_normal.jpg

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669F) /

Resource Hash

b07c38372a1e49cf3c8b20e4e238aa367c4da67aa21b762d67cf19f1366141bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 572526
x-cache: HIT
content-length: 1807
x-response-time: 115
surrogate-key: profile_images profile_images/bucket/9 profile_images/1356118975776759808
last-modified: Mon, 01 Feb 2021 05:53:33 GMT
server: ECS (frb/669F)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 72a6fefa91712b727117b79f89745db1b776e6c8a7460f246a4ad5d8a0526048
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 HD-e4Q5H_normal.jpg
pbs.twimg.com/profile_images/1006785727991107584/ Frame E8AD 2 KB
3 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1006785727991107584/HD-e4Q5H_normal.jpg

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6739) /

Resource Hash

16d38d0cc8b1a2929c8634e25aaac00bf76a8b3a5083fffcac5d18624747be82

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 117124
x-cache: HIT
content-length: 2415
x-response-time: 122
surrogate-key: profile_images profile_images/bucket/5 profile_images/1006785727991107584
last-modified: Wed, 13 Jun 2018 06:27:57 GMT
server: ECS (frb/6739)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5abff80e5aa2779ab34ed070addc5da105c4dc08ba32fc6caf3a6769c1db4d6d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 LlnOrfBb_normal.jpg
pbs.twimg.com/profile_images/1395441367774547970/ Frame E8AD 2 KB
2 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1395441367774547970/LlnOrfBb_normal.jpg

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C2) /

Resource Hash

b812f5894799de22e0d52b37f0374e5b56204ad55f7b1efdf7ecf52c48be1411

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 185148
x-cache: HIT
content-length: 2263
x-response-time: 128
surrogate-key: profile_images profile_images/bucket/5 profile_images/1395441367774547970
last-modified: Thu, 20 May 2021 18:06:42 GMT
server: ECS (frb/67C2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ea9524df9f4dd1b35be1b3809dd4e8194c1b4e43988bbbee4ee1f4dbfdc0639c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FFUvbp7WQAMId0b
pbs.twimg.com/media/ Frame E8AD 71 KB
71 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FFUvbp7WQAMId0b?format=jpg&name=small

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

df6b5f74ee7567e54fc461f6cb5a69d9a39c1aa00e055ffaed33cac2d3b53c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 10206
x-cache: HIT
content-length: 72460
x-response-time: 227
surrogate-key: media media/bucket/1 media/1465129405936713731
last-modified: Mon, 29 Nov 2021 01:22:05 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b174165fa0c9b9f9c6a3630069b6f877e32e5e659a82bdf48e2b4949ea8a9500
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FFUilJ_WQAYn2-L
pbs.twimg.com/media/ Frame E8AD 34 KB
34 KB 19ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FFUilJ_WQAYn2-L?format=jpg&name=small

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6727) /

Resource Hash

052a05537c8075c1f9eb8d2aed8cdbac175cde2865249faf0670e96ed919fa51

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 13499
x-cache: MISS
content-length: 34385
x-response-time: 226
surrogate-key: media media/bucket/9 media/1465115275511087110
last-modified: Mon, 29 Nov 2021 00:25:56 GMT
server: ECS (frb/6727)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e0e0eb57889a716a84e80fab55730db3b18c05d88a20967a1e41bdebbb4f5c70
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FFUgRKqWYAY6QCl
pbs.twimg.com/media/ Frame E8AD 61 KB
61 KB 16ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FFUgRKqWYAY6QCl?format=jpg&name=small

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) /

Resource Hash

2474659f728c780197739ecebba60f34fc1ee6012cf388e231ad01a56fc2621d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 13869
x-cache: MISS
content-length: 62497
x-response-time: 229
surrogate-key: media media/bucket/1 media/1465112733070811142
last-modified: Mon, 29 Nov 2021 00:15:50 GMT
server: ECS (frb/6725)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e4094f498775b0b19b1d9c960327c30b7a806694206168735a99f027c37b5235
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FFUgf2lWUAEpqB3
pbs.twimg.com/media/ Frame E8AD 68 KB
68 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FFUgf2lWUAEpqB3?format=jpg&name=small

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) /

Resource Hash

a52825a7901f0705ae5580c7527ed6a2fefb3a6c47ae794030e4989969bf77af

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 14199
x-cache: HIT
content-length: 69528
x-response-time: 212
surrogate-key: media media/bucket/8 media/1465112985379164161
last-modified: Mon, 29 Nov 2021 00:16:50 GMT
server: ECS (frb/6713)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2ecc7cd926732f8031c888c505d1a4cb4ee69d08cb69ebed53db8467172c8f95
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 -k7PiOKRUp3GfXxP
pbs.twimg.com/ext_tw_video_thumb/1465085327287230464/pu/img/ Frame E8AD 21 KB
21 KB 17ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1465085327287230464/pu/img/-k7PiOKRUp3GfXxP?format=jpg&name=small

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) /

Resource Hash

e75cfbce23be851a026507f6ffe9d28df67e7fa1442418e8953e7ec1284edc7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 20777
x-cache: MISS
content-length: 21674
x-response-time: 213
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/7 ext_tw_video_thumb/1465085327287230464
last-modified: Sun, 28 Nov 2021 22:26:56 GMT
server: ECS (frb/6725)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c897a764c863fd8babbf18bb6b2b947f1f54d6c5d8740d93154f94162b33f763
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 QU0aFTRn99nWmMpz
pbs.twimg.com/ext_tw_video_thumb/1465082143416201217/pu/img/ Frame E8AD 14 KB
14 KB 17ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1465082143416201217/pu/img/QU0aFTRn99nWmMpz?format=jpg&name=small

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) /

Resource Hash

872ec7cac15a563bfd0a02ddf0f73608ac02b9b8f98c778b9ce515da094d654b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 21576
x-cache: MISS
content-length: 14307
x-response-time: 238
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/2 ext_tw_video_thumb/1465082143416201217
last-modified: Sun, 28 Nov 2021 22:14:17 GMT
server: ECS (frb/67BC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 323aaba9a42f6accb19f02463e8a2b4387382c622039a090e1a04d3d156f09a4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 puWmd6DYIsgXhLLs
pbs.twimg.com/ext_tw_video_thumb/1465077669297598471/pu/img/ Frame E8AD 12 KB
13 KB 9ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1465077669297598471/pu/img/puWmd6DYIsgXhLLs?format=jpg&name=small

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

330dba950f9e4e4470ab91680739bf8220be7424c63cf035185fb39dfe4e3a50

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 22621
x-cache: HIT
content-length: 12768
x-response-time: 128
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/5 ext_tw_video_thumb/1465077669297598471
last-modified: Sun, 28 Nov 2021 21:56:30 GMT
server: ECS (frb/67BA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 38440b7c10c69edbedf4e91f68e1c82785c3b1d447c423e28fa270675d820fc0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GK5akpkwEdDBhYj9
pbs.twimg.com/ext_tw_video_thumb/1465075056669773831/pu/img/ Frame E8AD 3 KB
3 KB 15ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1465075056669773831/pu/img/GK5akpkwEdDBhYj9?format=jpg&name=small

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) /

Resource Hash

ed3dfcb0d22e4b160814f6dc9a04ad2eec329a55ade39871b285be605543978a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 23133
x-cache: MISS
content-length: 2985
x-response-time: 116
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/9 ext_tw_video_thumb/1465075056669773831
last-modified: Sun, 28 Nov 2021 21:46:07 GMT
server: ECS (frb/668B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fa31e51c9ecb3598d469978009db73c09a51aeb3d68771ed23b37b938284c2d8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FFUrMR5XMAEGjWI
pbs.twimg.com/media/ Frame E8AD 5 KB
5 KB 17ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FFUrMR5XMAEGjWI?format=jpg&name=240x240

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6776) /

Resource Hash

5e7a3fcf1342343f51cb1edeaf41bac53057d8b8733100c082be2f8cc53b9340

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 11189
x-cache: MISS
content-length: 4670
x-response-time: 133
surrogate-key: media media/bucket/3 media/1465124743741386753
last-modified: Mon, 29 Nov 2021 01:03:34 GMT
server: ECS (frb/6776)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b2747827ffc905f22c560a9fb4d4da31e6c5733dd0ad190e3c320e958108c79c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FFUrMR5XsAILQ5q
pbs.twimg.com/media/ Frame E8AD 38 KB
38 KB 8ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FFUrMR5XsAILQ5q?format=png&name=360x360

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) /

Resource Hash

c687421b4d03ee07a1266e1ece740eba2f7d666eb232d433b5c35203ae52f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 11349
x-cache: HIT
content-length: 38479
x-response-time: 248
surrogate-key: media media/bucket/2 media/1465124743741419522
last-modified: Mon, 29 Nov 2021 01:03:34 GMT
server: ECS (frb/67C1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4f9321aead47b1365fedc4a7de19722247eab38f10fb5133b42e926cf4e3c4b8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FFUGy1XWQAMQa1d
pbs.twimg.com/media/ Frame E8AD 10 KB
10 KB 17ms
17ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FFUGy1XWQAMQa1d?format=jpg&name=240x240

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67AA) /

Resource Hash

b4a6fe0d1f924561c85bc0bba6e0228f1783050e1bcd405f9a18082f7f850263

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 20777
x-cache: MISS
content-length: 10333
x-response-time: 133
surrogate-key: media media/bucket/3 media/1465084724167196675
last-modified: Sun, 28 Nov 2021 22:24:32 GMT
server: ECS (frb/67AA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 302dff0959599d5be8ffaf453b620149d6bd57807e3149697fc3f029436da765
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FFUGy0oXEAAtyxF
pbs.twimg.com/media/ Frame E8AD 8 KB
9 KB 20ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FFUGy0oXEAAtyxF?format=jpg&name=240x240

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) /

Resource Hash

21a80bbe8aa391dec1138ee9d7d4b06bd0b7e4c561c7b007c69f72163e54e9c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 20777
x-cache: MISS
content-length: 8683
x-response-time: 146
surrogate-key: media media/bucket/8 media/1465084723970117632
last-modified: Sun, 28 Nov 2021 22:24:32 GMT
server: ECS (frb/6711)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1be5337f74b41848cde7d0dc701fe02a4abf68a27ed5cac159d550f3dc6482a9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FFUGy0rXwAMwkWD
pbs.twimg.com/media/ Frame E8AD 9 KB
9 KB 17ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FFUGy0rXwAMwkWD?format=jpg&name=240x240

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D5) /

Resource Hash

5f1633696885dd88b7572159d97688b6f24bb4247189b72149b053a9386b14f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 20777
x-cache: MISS
content-length: 9493
x-response-time: 143
surrogate-key: media media/bucket/2 media/1465084723982745603
last-modified: Sun, 28 Nov 2021 22:24:32 GMT
server: ECS (frb/67D5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a0c2ee1493dbd8f3741cd31a402878ead47978b5e16282dda58df895e5798907
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FFUGy0tWUAInXK-
pbs.twimg.com/media/ Frame E8AD 8 KB
9 KB 18ms
18ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FFUGy0tWUAInXK-?format=jpg&name=240x240

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

e3fdd55b7bee05cd35d90db7745642b4bf41e67a2cc564a2e3ea51d05e2f2e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 20777
x-cache: MISS
content-length: 8614
x-response-time: 130
surrogate-key: media media/bucket/7 media/1465084723991040002
last-modified: Sun, 28 Nov 2021 22:24:32 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4e2eb301846a17d7be52f32b7567584a5db55b6ec5d02e030576f5656c17496e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0L2UzODczNWMyYThkOWU1YmU2M2EyY2Y4MGZiMjNkNzkzLmpwZWc.webp
s-img.mgid.com/g/4147883/492x277/0x58x624x416/ 8 KB
8 KB 136ms
111ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4147883/492x277/0x58x624x416/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0L2UzODczNWMyYThkOWU1YmU2M2EyY2Y4MGZiMjNkNzkzLmpwZWc.webp?v=1638159361-kegt1N853Qp1Q99ejA64Nlz3J_uBXH51G6PmH9HBzz0
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 319b0714ca24bf51a951c0d3b55fae7c7a8e21900d9147511197450b470867f5

Request headers

Referer: https://www.publinews.gt/
Origin: https://www.publinews.gt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:57:57 GMT
x-mg-request-uuid: af27f8e1-c198-44b2-8c81-5897339a7890
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6b5904a87d172bf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7924
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMzc5LHlfMTI4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC85YWNjY...
s-img.mgid.com/g/10839628/492x277/-/ 20 KB
20 KB 145ms
121ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10839628/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMzc5LHlfMTI4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC85YWNjYjNiYjRkMGM0ZjJiZDM0ODU4NTRjNGMzMmZlMC5qcGVn.webp?v=1638159361-iO9WGRsNYneyXhzQNCdA7N-AL-MHZaLmsjy-o1-q0TI
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c399440603be8cadf5ac8794019cafef0749301b9d384d71187d67026fcbcdc0

Request headers

Referer: https://www.publinews.gt/
Origin: https://www.publinews.gt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:40:57 GMT
x-mg-request-uuid: fa5d1224-129d-4a78-b100-1da49a2ecda0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6b5904a87d192bf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20484
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMTAvMTAxOTI0L2ZmMDczNjRiNzU1MjEzYWEzNmIwOGM5Nzk1NjBmMWQ5LmpwZz90PTE0OTQ0NDY1MDk4MTY.webp
s-img.mgid.com/g/3805432/492x277/0x0x492x328/ 7 KB
7 KB 134ms
117ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805432/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMTAvMTAxOTI0L2ZmMDczNjRiNzU1MjEzYWEzNmIwOGM5Nzk1NjBmMWQ5LmpwZz90PTE0OTQ0NDY1MDk4MTY.webp?v=1638159361-QAce4k_yhzA7O0znInPk0c8MsIUUoPSLy6VVFR92crw
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 483481ad7a0fc01179ff6fb1d62a3714269c66d2622e9fb1e532d4907146b6ef

Request headers

Referer: https://www.publinews.gt/
Origin: https://www.publinews.gt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:42:29 GMT
x-mg-request-uuid: 6a73fbcf-2081-41cc-81a8-3daa3838d1b1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6b5904a87d1b2bf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7254
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzEwZjkyNjFlYTNiZmFhMTFlMTQ5ODZmYTk1Y2I0MmU4LmpwZz90PTE0OTE5OTE3MjA5MTc.webp
s-img.mgid.com/g/3805560/492x277/0x0x492x328/ 8 KB
8 KB 358ms
357ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805560/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzEwZjkyNjFlYTNiZmFhMTFlMTQ5ODZmYTk1Y2I0MmU4LmpwZz90PTE0OTE5OTE3MjA5MTc.webp?v=1638159361-5cdktE9BI8VWAOHTHGHBryCePwo4bhtJqJ_o3ElcRHg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b441ddac6946e4c489b0a461206132f107dd51bb10ea187216f681a62119f7e9

Request headers

Referer: https://www.publinews.gt/
Origin: https://www.publinews.gt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:56:35 GMT
x-mg-request-uuid: f2f0b222-2ef4-450e-bb23-3f0d82140e9e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6b5904a88d2c2bf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7778
server: cloudflare

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame E8AD 44 KB
7 KB 36ms
10ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 316493
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 6
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: ea98641f581e21d6f2842597bceaa62fa119a42afe67e1bc12085d61e0b0bd60
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 06 Dec 2021 04:16:01 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 7ms
7ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 316493
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 6
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: ea98641f581e21d6f2842597bceaa62fa119a42afe67e1bc12085d61e0b0bd60
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 06 Dec 2021 04:16:01 GMT

GET
DATA 200
OK truncated
/ Frame E8AD 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame E8AD 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame E8AD 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame E8AD 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame E8AD 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame E8AD 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame E8AD 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5582 42 B
497 B 149ms
57ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss24bsXZiyvasi3DJXfVkj2zjMvtuqE9ho6Q4vSkvMPBFCUj2R1MsUSguMtZeQUujZIP_FXWjkVcjhoVHKFtMwXUXu6GF7Z_QtKHUtrQiQXn-arU-SX&sig=Cg0ArKJSzGceGz_DYR0UEAE&id=lidar2&mcvt=1000&p=8,0,808,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3023400616&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638159360138&rpt=307&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
975 B 71ms
62ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1638159361468577643171
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c509db66493d4bdec3fef4ddecb840c474d56af96491742323e472ddac08417c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b5904a93e834ed3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame EF98 19 B
143 B 57ms
57ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1638159361487526343772
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b5904a94e914ed3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 NmUO3H0x
pbs.twimg.com/card_img/1465161098072580096/ Frame E8AD 34 KB
34 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465161098072580096/NmUO3H0x?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A8) /

Resource Hash

6b820fb99ab86da66fab0ebdbb099cad41e6431766f78e887c60585f882aae50

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 1367
x-cache: HIT
content-length: 34364
x-response-time: 226
surrogate-key: card_img card_img/bucket/2 card_img/1465161098072580096
last-modified: Mon, 29 Nov 2021 03:28:01 GMT
server: ECS (frb/67A8)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c106a9a21fb8a54b3ec13265321b008e1c796f88ac84b29ed093bdf916ef9ba1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 3hdwj74l
pbs.twimg.com/card_img/1465147745132589065/ Frame E8AD 55 KB
55 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465147745132589065/3hdwj74l?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) /

Resource Hash

569c316c92130ef0fa343d640a6ea9cbb64923de4e9707e9bd0eca8dd11a12a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 1367
x-cache: HIT
content-length: 56419
x-response-time: 250
surrogate-key: card_img card_img/bucket/1 card_img/1465147745132589065
last-modified: Mon, 29 Nov 2021 02:34:58 GMT
server: ECS (frb/67C1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a4c746c39aa43d37a09a2d9af9128f8d292e63ddd1fb0868451017c5925e2729
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2

204

sync
pixel.advertising.com/ups/58246/ Frame FFD0
Redirect Chain

https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

0
0

11ms
10ms

Document
text/plain

3.122.145.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.122.145.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-122-145-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000

Redirect headers

date: Mon, 29 Nov 2021 04:16:01 GMT
content-length: 0
location: https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 8163
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638159361041-926266246083-005649-001-002202%26biddername%3D200%26key%3D%5BRX_UUI...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3640232785
https://sync.1rx.io/usersync/tradedesk/646e248e-bc67-48ca-8f5b-e472d1b7d497
https://sync.targeting.unrulymedia.com/csync/RX-b8f83d16-3377-43da-912a-e9a306a7188d-003?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638159361041-926266246083-005649-001-002...
https://sync.aniview.com/cookiesyncendpoint?auid=1638159361041-926266246083-005649-001-002202&biddername=200&key=RX-b8f83d16-3377-43da-912a-e9a306a7188d-003

0
252 B

300ms
97ms

Document
text/plain

3.212.101.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1638159361041-926266246083-005649-001-002202&biddername=200&key=RX-b8f83d16-3377-43da-912a-e9a306a7188d-003
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.101.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-101-249.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
content-length: 0

Redirect headers

server: Tengine
date: Mon, 29 Nov 2021 04:16:01 GMT
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.aniview.com/cookiesyncendpoint?auid=1638159361041-926266246083-005649-001-002202&biddername=200&key=RX-b8f83d16-3377-43da-912a-e9a306a7188d-003
etag: RXb8f83d16337743da912ae9a306a7188d003

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 884A 2 KB
823 B 46ms
18ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2F9E 14 KB
5 KB 34ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638159361041-926266246083-005649-001-002202%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=85444
expires: Tue, 30 Nov 2021 04:00:05 GMT
date: Mon, 29 Nov 2021 04:16:01 GMT
vary: Accept-Encoding

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame B97F 314 KB
98 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9df87f102ba3f629420b9f0b6c1b18fa6f951a199e4c8b8489449a2b2cd2d9f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu3-5bE1exR3lTAQhOjvEZnWJ8_JZPK6DdzTRspqK_5n66U2ad7WtYCykLyfjXhJyGlXyf6uczuCdX-yHbzedg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 99492
last-modified: Tue, 23 Nov 2021 08:09:16 GMT
server: UploadServer
etag: "5deae870b2222b29c6b7121fc66a06e3"
vary: Accept-Encoding
x-goog-hash: crc32c=L27ugg==, md5=XerocLIiKynGtxIfxmoG4w==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1637654956218514
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 99492
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 29 Nov 2021 04:21:01 GMT

GET
H2 200 avpb3a0.js Show response
player.aniview.com/script/6.1/ Frame B97F 66 KB
21 KB 11ms
11ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3a0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 913306b3efeb158d441fb1c776b35ac7428029ba1a21669251ea0e5491058d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtYoXM1dxsqom6ZwX-55mokvzXtG7V9Q9j8LAfOPVA8GFPhd34JRty7a2CJv0NietWllfeL5eg71WGzTPJ464s
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 20983
last-modified: Tue, 23 Nov 2021 08:09:29 GMT
server: UploadServer
etag: "afe2a1343bd27698cb9228d1d7c34810"
vary: Accept-Encoding
x-goog-hash: crc32c=58k5rQ==, md5=r+KhNDvSdpjLkijR18NIEA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1637654969826274
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 20983
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 29 Nov 2021 04:21:01 GMT

GET
H2 200 / Show response
onetag-sys.com/vast/57e618150c70d90/ 479 B
701 B 29ms
7ms XHR
application/xml 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/vast/57e618150c70d90/?placement_id=190507835&placement_type=1&encoded_location_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&player_width=480&player_height=270&muted=1&autoplay=1&vpaid_supported=1&gdpr_consent_string=1&cbb=8159361528

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

d1395737dc86c70163a025aea31c989ccbc8c99dabb6a1d347b27c03d86e9846

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.publinews.gt
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/xml;charset=UTF-8
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 356

GET
H/1.1 200
OK vast.xml Show response
video-ads.rubiconproject.com/video/12948/312596/1590248/201/ 2 KB
2 KB 53ms
20ms XHR
text/xml 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/12948/312596/1590248/201/vast.xml?tg_c.language=es&rp_schain=1.0,1!latinon.com,2087,1,,,
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash: c6a6bef5f37a3167a5998b1631530827d42847b281beb5aa3155ef7c057d2ac8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 04:16:01 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: text/xml
Access-Control-Allow-Origin: https://www.publinews.gt
Cache-Control: public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 944
Expires: Mon, 29 Nov 2021 04:16:01 GMT

GET
H/1.1 200
OK 9s574l4Tysjy26x+lt+wUu6OylN7zZhlgAzvGLu7SzWWOyKX3t1K+1ZDKpcsoy75 Show response
ads.adaptv.advertising.com/a/h/ 249 B
546 B 60ms
11ms XHR
text/xml 52.29.208.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/9s574l4Tysjy26x+lt+wUu6OylN7zZhlgAzvGLu7SzWWOyKX3t1K+1ZDKpcsoy75?cb=8159361529&gdpr=1&gdpr_consent=&pi.viewable=1&pi.width=480&pi.height=270&pet=preroll&pageUrl=http%3A%2F%2Fwww.publinews.gt&eov=eov&us_privacy=1---&scpid=5d31fb2628a06116ff22aef3&hp=1

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.208.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-208-72.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 96ms
96ms Image
text/plain 52.73.70.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=68110&t=1638159361&cip=185.213.155.164&sn=&tgt=1&osv=10&bv=96.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1638159361041-926266246083-005649-001-002202&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.89&cb=80536955875&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&nid=5d31fb2628a06116ff22aef3&ncid=5f4452d76e685a1c474b9879&e=request&cb=1638159361531&asid=5e583a8728a0612b276e50a9%2C61929720db3611235a75f084%2C5e4aca1f28a06170371c3e48%2C614b5d12cc8c9824961a92b1&ofpr=0.5%2C0%2C%2C0.5&fpo=%2C%2C%2C
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.70.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-70-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 97ms
97ms Image
text/plain 52.73.70.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=68110&t=1638159361&cip=185.213.155.164&sn=&tgt=1&osv=10&bv=96.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1638159361041-926266246083-005649-001-002202&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.89&cb=80536955875&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&&copid=5d31fb2628a06116ff22aef3&nid=59c9148628a0612da3689288&cocid=5f4452d76e685a1c474b9879&ncid=5db803de28a061465a6e2f41&coasid=5db8052928a061555326a05e&e=request&cb=1638159361531&asid=601176dcb1ad0912ca2d2fc6%2C6144aa230cebf5605a7f98ce%2C5db6fd3728a06117544abec7%2C5f4ba70bf46e4d6c61511abc%2C616eaf4ce50fe916ba2bab64&ofpr=%2C%2C%2C0.5%2C0.75&fpo=%2C%2C%2C%2C
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.70.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-70-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 umpjYrha
pbs.twimg.com/card_img/1465126910464307205/ Frame E8AD 27 KB
27 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465126910464307205/umpjYrha?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/675D) /

Resource Hash

800b08cefce5fb7380e3133c0b7a8b6e6a7fa779c1cc42b7c2d40a64c7f57bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 10416
x-cache: HIT
content-length: 27604
x-response-time: 249
surrogate-key: card_img card_img/bucket/4 card_img/1465126910464307205
last-modified: Mon, 29 Nov 2021 01:12:10 GMT
server: ECS (frb/675D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 43a0db12f2645a1845b30ae7e2b6fa3c54192f551690199a154bd7ab783d22de
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1sWelQ8g
pbs.twimg.com/card_img/1465126973986979845/ Frame E8AD 44 KB
44 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465126973986979845/1sWelQ8g?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6731) /

Resource Hash

1133355be75f91efecc6366167fde50cfc402509f7b55c034ecdb3811678abd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 10854
x-cache: HIT
content-length: 44903
x-response-time: 278
surrogate-key: card_img card_img/bucket/3 card_img/1465126973986979845
last-modified: Mon, 29 Nov 2021 01:12:25 GMT
server: ECS (frb/6731)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fd930b239c696df6863debeab8d0990a66373353cf414d8e5c25f2951766a0a9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame DF76 1 KB
884 B 266ms
15ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1638159361468577643171
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

Server: VertaMedia 1.0
Date: Mon, 29 Nov 2021 04:16:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://www.publinews.gt
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5F2C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

31ms
6ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1638159361468577643171
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Nov 2021 04:16:01 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Mon, 29 Nov 2021 04:16:01 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=&_bee_ppp=1
https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=ABzCxk7DSKgAACrsjHsDFQ&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=712269ee-708e-411c-b8d4-ea99fb0dabd7&gdpr=&gdpr_consent=&us_privacy=

43 B
496 B

63ms
62ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=712269ee-708e-411c-b8d4-ea99fb0dabd7&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b5904ab2f63c28b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location: //cm.mgid.com/m?cdsp=433145&c=712269ee-708e-411c-b8d4-ea99fb0dabd7&gdpr=&gdpr_consent=&us_privacy=
Date: Mon, 29 Nov 2021 04:16:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=las1bKtsVGgk
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=las1bKtsVGgk
https://s.pubmine.com/match?bidder_id=1&external_user_id=712269ee-708e-411c-b8d4-ea99fb0dabd7&ssp_data=&gdpr=&gdpr_consent=

43 B
286 B

317ms
28ms

Image
image/gif

176.34.151.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=1&external_user_id=712269ee-708e-411c-b8d4-ea99fb0dabd7&ssp_data=&gdpr=&gdpr_consent=
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 176.34.151.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-151-72.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Location: //s.pubmine.com/match?bidder_id=1&external_user_id=712269ee-708e-411c-b8d4-ea99fb0dabd7&ssp_data=&gdpr=&gdpr_consent=
Date: Mon, 29 Nov 2021 04:16:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
494 B 93ms
57ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=las1bKtsVGgk
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b5904a9e8c02c26-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 mw
mwzeom.zeotap.com/ 95 B
153 B 27ms
21ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=las1bKtsVGgk&zpartnerid=1532&zdid=1532
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://www.publinews.gt
access-control-allow-credentials: true
cf-ray: 6b5904a9b87642d5-FRA
access-control-allow-headers: *
content-length: 95

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=55646076-f716-4014-b0bb-b187ede55103

43 B
512 B

56ms
56ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=55646076-f716-4014-b0bb-b187ede55103
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b5904ae89bcc28b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=55646076-f716-4014-b0bb-b187ede55103
date: Mon, 29 Nov 2021 04:16:02 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=4FrMuAk1tVx7vL3W1O3O&pi=mgid&tc=1

43 B
464 B

58ms
57ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=4FrMuAk1tVx7vL3W1O3O&pi=mgid&tc=1
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b5904aa4e8ac28b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=4FrMuAk1tVx7vL3W1O3O&pi=mgid&tc=1
pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT, Mon, 29 Nov 2021 04:16:01 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=646e248e-bc67-48ca-8f5b-e472d1b7d497&ttl=1640751361

43 B
464 B

58ms
58ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=646e248e-bc67-48ca-8f5b-e472d1b7d497&ttl=1640751361
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b5904aa0e4dc28b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=646e248e-bc67-48ca-8f5b-e472d1b7d497&ttl=1640751361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
412 B 88ms
54ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=las1bKtsVGgk
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b5904a9ea276957-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=las1bKtsVGgk
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=6004880024033247267&gdpr=0&gdpr_consent=
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

0
239 B

615ms
152ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 750589468d5634b7e99830971becaf64
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 04:16:01 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFzMWJLdHNWR2dr&muidn=las1bKtsVGgk
https://cm.mgid.com/google?muidn=las1bKtsVGgk&google_ula={guid},5&google_gid=CAESEKMPXmcx9Ur5PQLwIKG2sSY&google_cver=1

0
376 B

53ms
53ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=las1bKtsVGgk&google_ula={guid},5&google_gid=CAESEKMPXmcx9Ur5PQLwIKG2sSY&google_cver=1
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b5904aa1e58c28b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=las1bKtsVGgk&google_ula={guid},5&google_gid=CAESEKMPXmcx9Ur5PQLwIKG2sSY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=4bc12208-fe51-45dd-b1e9-21c3b8951b2e

43 B
480 B

54ms
54ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=665953&c=4bc12208-fe51-45dd-b1e9-21c3b8951b2e
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b5904aaaed1c28b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=4bc12208-fe51-45dd-b1e9-21c3b8951b2e
date: Mon, 29 Nov 2021 04:16:01 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 mvo Show response
tag.1rx.io/rmp/237356/0/ 0
172 B 60ms
18ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/237356/0/mvo?z=1r&hbv=5.20,2.1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.publinews.gt
pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
372 B 10ms
9ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.publinews.gt
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
217 B 238ms
219ms XHR
application/json 52.29.208.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=AniViewHB
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.208.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-208-72.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.publinews.gt
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
576 B 182ms
114ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=13706367&componentId=prebid&componentSubId=mustang&timestamp=1638159361574&pKey=1821131542&schain=1.0%2C1!latinon.com%2C2087%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&playerSize=480x270
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 04:16:01 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.publinews.gt
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1638159361419067-554
Expires: Mon, 29 Nov 2021 04:16:01 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
410 B 97ms
62ms XHR
application/json 3.124.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.43.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-43-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6ea064b4487bc8c78af6436f595507dd163daa647a78ff6d917348db865ffcde

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: gzip
x-prebid: pbs-java/1.79.0
content-type: application/json
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 _QyV3r2g
pbs.twimg.com/card_img/1465108642949173255/ Frame E8AD 39 KB
40 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465108642949173255/_QyV3r2g?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) /

Resource Hash

050aa9ec6094750bbc959ee2e2bd3f50395f7e5448879bfb9e86985040b54f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 12728
x-cache: HIT
content-length: 40277
x-response-time: 259
surrogate-key: card_img card_img/bucket/8 card_img/1465108642949173255
last-modified: Sun, 28 Nov 2021 23:59:35 GMT
server: ECS (frb/67A7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ed6dc03bac74ad0153db35c74dd3f276c5c1db2d2767dc2080456ab83d4cb1de
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET ads
googleads.g.doubleclick.net/pagead/ 0
0

GET
H2 200 IRnDNCBx
pbs.twimg.com/card_img/1465107145276461056/ Frame E8AD 175 KB
176 KB 7ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465107145276461056/IRnDNCBx?format=png&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

1a09fe33a55d9a430e4889891492cd7ebd2c839259aa9f1e2fc0b67a908388d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 14947
x-cache: HIT
content-length: 179537
x-response-time: 272
surrogate-key: card_img card_img/bucket/7 card_img/1465107145276461056
last-modified: Sun, 28 Nov 2021 23:53:38 GMT
server: ECS (frb/67F2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c795b04e40646d31cfa05b37560b8566a02ba2f043d8be0846898be719784a6a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GIpOvpHe
pbs.twimg.com/card_img/1465099349059256323/ Frame E8AD 30 KB
30 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465099349059256323/GIpOvpHe?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

32da9aa631e908c60315f445f8a44e4808940c2fcb7a1840c8c2e8e3f6c62353

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 17225
x-cache: HIT
content-length: 30750
x-response-time: 237
surrogate-key: card_img card_img/bucket/3 card_img/1465099349059256323
last-modified: Sun, 28 Nov 2021 23:22:39 GMT
server: ECS (frb/6794)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ea300058187bf842f8a2cea20ef76deb9229fdaf43a2619c91cdecd2e38ed575
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 j44wN2ku
pbs.twimg.com/card_img/1465098435191873543/ Frame E8AD 50 KB
50 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465098435191873543/j44wN2ku?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C2) /

Resource Hash

31f24a77df42abbe0d016c67f92cffb81a0d9b18d456e164072622dd460e2d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 17409
x-cache: HIT
content-length: 51259
x-response-time: 280
surrogate-key: card_img card_img/bucket/0 card_img/1465098435191873543
last-modified: Sun, 28 Nov 2021 23:19:01 GMT
server: ECS (frb/67C2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e4b77bcf863c741de55dc65a4fef256052583edf8c44df43bf2230beb381abcd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2F9E 0
39 B 15ms
15ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5981467&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638159361041-926266246083-005649-001-002202%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
content-length: 0

GET
H2 200 jUWgI0GL
pbs.twimg.com/card_img/1465079179016380425/ Frame E8AD 36 KB
36 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1465079179016380425/jUWgI0GL?format=jpg&name=600x314

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

c344293ae037d3d1d273dbaf5416057c6652851f15c7df86c819cac766a3ff24

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
x-content-type-options: nosniff
age: 22273
x-cache: HIT
content-length: 36726
x-response-time: 336
surrogate-key: card_img card_img/bucket/2 card_img/1465079179016380425
last-modified: Sun, 28 Nov 2021 22:02:30 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bf6e456c683a57e2d9f8e376ad23f9935e662d0bcedaaa06627518fd4d11d063
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5F2C 32 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 937a3477372a826e2221ab76df0804efbd2912f2b7d7c217dcea698a7007391c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14055
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Mon, 29 Nov 2021 08:10:16 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5F2C 284 B
536 B 615ms
154ms Image
image/jpg 8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 5daa34953a867809056448757b76591b
Content-Type: image/jpg

GET ads
googleads.g.doubleclick.net/pagead/ 0
0

GET
H2 200 track
track1.aniview.com/ 0
70 B 164ms
164ms Image
text/plain 52.73.70.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=68110&t=1638159361&cip=185.213.155.164&sn=&tgt=1&osv=10&bv=96.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1638159361041-926266246083-005649-001-002202&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.89&cb=80536955875&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&nid=5d31fb2628a06116ff22aef3&ncid=5f4452d76e685a1c474b9879&e=bid&cb=1638159361831&asid=5e4aca1f28a06170371c3e48&ofpr=&fpo=
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.70.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-70-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 98ms
97ms Image
text/plain 52.73.70.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=68110&t=1638159361&cip=185.213.155.164&sn=&tgt=1&osv=10&bv=96.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1638159361041-926266246083-005649-001-002202&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.89&cb=80536955875&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&&copid=5d31fb2628a06116ff22aef3&nid=59c9148628a0612da3689288&cocid=5f4452d76e685a1c474b9879&ncid=5db803de28a061465a6e2f41&coasid=5db8052928a061555326a05e&e=bid&cb=1638159361831&asid=601176dcb1ad0912ca2d2fc6&ofpr=&fpo=
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.70.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-70-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK bridge-31037.js Show response
video-ads.rubiconproject.com/video/ Frame 8AA1 65 KB
20 KB 7ms
7ms Script
application/javascript 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/bridge-31037.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 441190ba2b13013b7493f024e780f07c29817bbc83f6b81d507c406605718711

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Sep 2021 12:22:06 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "103d9-5cc6c54469780-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 20289

GET
H3

200

m
cm.mgid.com/ Frame DF76
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
https://cm.mgid.com/m?cdsp=617666&c=55faa017425e145f

43 B
529 B

69ms
69ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617666&c=55faa017425e145f
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol: H3
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b5904af09fdc28b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location: https://cm.mgid.com/m?cdsp=617666&c=55faa017425e145f
Date: Mon, 29 Nov 2021 04:16:02 GMT
Server: VertaMedia 1.0
Etag: 55faa017425e145f
Content-Length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B97F 368 KB
123 KB 161ms
47ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125138
x-xss-protection: 0
expires: Mon, 29 Nov 2021 04:16:01 GMT

GET
H/1.1 200 bridge_loaded-f9dda287-293b-494e-b905-42af848adfe8
beacon-nf.rubiconproject.com/beacon/e/vpbpixelload/ Frame 8AA1 43 B
353 B 45ms
9ms Image
image/gif 69.173.144.158
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-nf.rubiconproject.com/beacon/e/vpbpixelload/bridge_loaded-f9dda287-293b-494e-b905-42af848adfe8?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&event=bridge_loaded

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

69.173.144.158 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 04:16:01 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ Frame 8AA1 28 B
852 B 408ms
184ms XHR
application/xml 54.83.97.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0,1!latinon.com,2087,1,,,&p_window.depth=0&rf=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&p_window.url=&p_window.w=480&p_window.h=290&p_aso.video.ext.ad.w=480&p_aso.video.ext.ad.h=270&width=480&height=270&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=8422617114613102&rp_secure=1
Requested by: Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31037.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.97.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-97-117.compute-1.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:02 GMT
server: nginx/1.16.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: application/xml
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FAFA 42 B
64 B 108ms
61ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvZAShqLx1uEWbqNu1AlgNGOnAmTN2IuqNtIk6FF3eqMMdt_zfKS4HFNrC4IzTqGUOgGmjkN8mIXldqnJwmz5Kyo_K0cDc8KkrY01IpfjIWPRGMPlg&sig=Cg0ArKJSzMFoKVb882AMEAE&id=lidar2&mcvt=1000&p=1095,315,1195,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=3733977308&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638159360477&rpt=591&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CA2B 42 B
64 B 106ms
60ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPYeux1cgWBM-RpD79m8xlP9yrvyNyGx_vTFcxAd11D-lI5OAS0FF7QyyDcc7MZ3_F4AeUQif_GHnDdzJmz1H54bSiZZgHfrHnvw26BFoG_NWiWj9m&sig=Cg0ArKJSzMe2xnbfx6uJEAE&id=lidar2&mcvt=1001&p=8,315,258,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=3455657583&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638159360390&rpt=687&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bridge3.489.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8426 580 KB
190 KB 85ms
39ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194780
date: Tue, 23 Nov 2021 05:05:22 GMT
expires: Wed, 23 Nov 2022 05:05:22 GMT
last-modified: Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 515440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B97F 44 KB
16 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 04:16:02 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B97F 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.publinews.gt

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 04:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 28F1
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

7ms
7ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.publinews.gt
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 967676
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 29 Nov 2021 04:16:02 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 18 Oct 2021 18:33:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67AA)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Mon, 29 Nov 2021 04:16:02 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Mon, 29 Nov 2021 04:16:02 GMT
x-transaction: b0742223ecda0ad6
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-response-time: 132
x-connection-hash: ec2d5a4e118b2ceaef6f3103b8876bb02d3c1a2403f2c90ec9000e0af08cf987

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3622 37 KB
13 KB 39ms
39ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 03:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 29 Nov 2021 04:35:06 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame C5E9 2 KB
823 B 8ms
8ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1638159361609

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1477 281 B
554 B 8ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Nov 2021 04:16:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=646e248e-bc67-48ca-8f5b-e472d1b7d497&_origin=1&gdpr=1&gdpr_consent=

0
15 B

26ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=646e248e-bc67-48ca-8f5b-e472d1b7d497&_origin=1&gdpr=1&gdpr_consent=

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:02 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=646e248e-bc67-48ca-8f5b-e472d1b7d497&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H2

204

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP0fd0d507-50cb-11ec-9982-06a20cd9f756
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAwZmQwZDUwNy01MGNiLTExZWMtOTk4Mi0wNmEyMGNkOWY3NTY%3D
https://pixel.advertising.com/ups/57304/sync?uid=CAESEGn1czUyVTHnf2uUZjyEMUA&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEGn1czUyVTHnf2uUZjyEMUA&google_cver=1&apid=UP0fd0d507-50cb-11ec-9982-06a20cd9f756

0
134 B

10ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEGn1czUyVTHnf2uUZjyEMUA&google_cver=1&apid=UP0fd0d507-50cb-11ec-9982-06a20cd9f756

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:02 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEGn1czUyVTHnf2uUZjyEMUA&google_cver=1&apid=UP0fd0d507-50cb-11ec-9982-06a20cd9f756
date: Mon, 29 Nov 2021 04:16:02 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
https://pixel.advertising.com/ups/55986/sync?uid=YaRUAAAIGMd3TQBR&_origin=0&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YaRUAAAIGMd3TQBR&_origin=0&gdpr=0&gdpr_consent=&apid=UP0fd0d507-50cb-11ec-9982-06a20cd9f756

0
123 B

41ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55986/sync?uid=YaRUAAAIGMd3TQBR&_origin=0&gdpr=0&gdpr_consent=&apid=UP0fd0d507-50cb-11ec-9982-06a20cd9f756

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:02 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55986/sync?uid=YaRUAAAIGMd3TQBR&_origin=0&gdpr=0&gdpr_consent=&apid=UP0fd0d507-50cb-11ec-9982-06a20cd9f756
date: Mon, 29 Nov 2021 04:16:02 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

stv
match.prod.bidr.io/cookie-sync/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f4b75b7c5ccb53dbec2b6a17a9c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser....
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e45b8_7035840881131315970
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjRiNzViN2M1Y2NiNTNkYmVjMmI2YTE3YTlj&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEImj4BC0MJaJ0xgS1M_t7oI&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=646e248e-bc67-48ca-8f5b-e472d1b7d497
https://pr-bh.ybp.yahoo.com/sync/stickyads/f4b75b7c5ccb53dbec2b6a17a9c?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-FOLCVGhE2oPNyKaAlUdgujMi3VH8RHv10Wvr.s3y~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6299299316721760770
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=b86e61a4-53ff-4000-b37d-cc4f52a4e882&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3313540736379815739
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=0zmNlsEF1MRy5c5
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=

0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1477 32 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 937a3477372a826e2221ab76df0804efbd2912f2b7d7c217dcea698a7007391c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14054
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Mon, 29 Nov 2021 08:10:16 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8426 73 KB
16 KB 278ms
277ms XHR
text/xml 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Aniview%2Fpreroll%2Fsyndication_1&description_url=larepublica.pe&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1793379514592549&sdkv=h.3.489.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3966419584&sdk_apis=2%2C8&sid=04E4380E-D31A-46EF-9E1C-7B71D0A045A5&nel=1&eid=44736292&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&dt=1638159362432&cookie=ID%3De72dd9e1a2cc4ae1%3AT%3D1638159360%3AS%3DALNI_MYTkNYIISGDG2NeSKgG5uZgO8cxVg&scor=3715446877645698&ged=ve4_td1_tt0_pd1_la1000_er826.3520.980.3820_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e6eb0dbc485eaa304e88806bec35f402c78e7b992ae584639312ac301dc1a1fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15754
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B97F 581 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 8426 0
327 B 723ms
257ms Ping
image/gif 2800:3f0:4001:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwk5sdp4&c=1141792063363&slotId=570896031681.5&qqid=CMu7i5fbvPQCFfCFgwcdYOEEcQ&gqid=AlSkYfS_G5aLjuwP-cOgoAo&fb=ima_html5-lima&sdkv=h.3.489.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44736292&met.4=ghmsh_s.kwk5sdyk~ghmsh_s.kwk5sdyl&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=amN67D4r35ehnroO
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:822::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 simid_trueview_en.html Show response
imasdk.googleapis.com/js/simid/ Frame 7728 143 KB
44 KB 48ms
47ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/simid/simid_trueview_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66e8ee4eb6a609d65acd38ac2ab339a9d40070ac2de9aed1dbf73b4f65f5e053

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce--Siz4opGg_5ruuspne-sVA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce--Siz4opGg_5ruuspne-sVA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
date: Mon, 29 Nov 2021 04:16:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 8426 453 B
478 B 39ms
38ms Image
image/png 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 03:51:09 GMT
x-content-type-options: nosniff
age: 1493
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Nov 2021 04:41:09 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8426 42 B
64 B 92ms
48ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CtUxsAlSkYcuyHfCLjuwP4MKTiAeX6vvmZu7ap6qSD7CQHxABILCv4h9gleKQgqAHoAHkmMXwA8gBBakCPVGexJX9sj7gAgCoAwGYBACqBJoCT9BoMa0_KGdrMAJgMuwonBiYw5XmKP4eQnat2mm1EP3x0T8EBEwA00zeGVz5VlEUljVOlkJ797qMroV3Rh0XdgQGSn0iNiWjsAH5F2Mp5MQhfhWwD-z1-GJbSJAA0noxg8VLIRPw6wiDn9dQu3D7H72aQwoF8_IinMO50VegsMKWfazLntFHQkMjDDQYwH3otsetE599pcTu3YOElze1Dh6uWFztcYuULpBDJ63inIhdcLSGoyY4f1i9z85_oABcN83KFSxa35dVtk_2OOYYFN3B6IkKEJj8RwCDNfpbagosNiAjXWZ-i4MRZkqGlLcBXUmhz5_ZqwX6t8AUPscGe0wI0PeUO9pPDY1wN-oCyP5Y_PufxItJRhpgwAS4852Z7QPgBAGgBlSAB7rbp94BqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzE0OTUwNDI4MjE2Mjg5sQkWeUkjaQAIaoAKA5gLAcgLAdALDrgMAdgTDdAVAeIWAggB-BYBgBcB&sigh=NxENimkMK2Y&label=show_ad&acvw=&sdkv=h.3.489.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDMxNjY0NDcxODIMNTY0NTY2MzYzMTgwQJ4CUh0QDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25QABgB

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 8426 0
0 60ms
59ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=C4E2fAlSkYcuyHfCLjuwP4MKTiAeX6vvmZu7ap6qSD7CQHxABILCv4h9gleKQgqAHoAHkmMXwA8gBBakCPVGexJX9sj7gAgCoAwGYBACqBJcCT9BoMa0_KGdrMAJgMuwonBiYw5XmKP4eQnat2mm1EP3x0T8EBEwA00zeGVz5VlEUljVOlkJ797qMroV3Rh0XdgQGSn0iNiWjsAH5F2Mp5MQhfhWwD-z1-GJbSJAA0noxg8VLIRPw6wiDn9dQu3D7H72aQwoF8_IinMO50VegsMKWfazLntFHQkMjDDQYwH3otsetE599pcTu3YOElze1Dh6uWFztcYuULpBDJ63inIhdcLSGoyY4f1i9z85_oABcN83KFSxa35dVtk_2OOYYFN3B6IkKEJj8RwCDNfpbagosNiAjXWZ-i4MRZkqGzLb7iNpTuQ1ZUqCscWVitGZz8cVyzv05MfRXrx_JQmCBH-p05HlDed2PwAS4852Z7QPgBAGgBlSAB7rbp94BqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhvYBwHyBwUQ9s_NAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTcxNDk1MDQyODIxNjI4OYAKA8gLAcITBhjkmMXwA9gTDdAVAeIWAggBgBcBshceChwIABIUcHViLTU3MTcwOTI1MzM5MTM1MTUY0IoR&sigh=VOQm8tiAvEk&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&vt=10&sdkv=h.3.489.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDMxNjY0NDcxODIMNTY0NTY2MzYzMTgwQJ4CUh0QDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame B97F 0
54 B 676ms
257ms Ping
image/gif 2800:3f0:4001:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwk5sdik&c=1141792063363&slotId=570896031681.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:822::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

videoplayback
rr3---sn-5hne6nsk.googlevideo.com/ Frame B97F
Redirect Chain

https://rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1638188162&ei=AlSkYfSzJ8aH8gOSlLSwCw&ip=185.213.155.164&id=4c3ad75bd702f614&itag=22&source=youtube&requiressl=yes&mh=Ex&mm=31&mn=sn-5h...
https://rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1638188162&ei=AlSkYfSzJ8aH8gOSlLSwCw&ip=185.213.155.164&id=4c3ad75bd702f614&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ct...

705 KB
705 KB

44ms
16ms

Media
video/mp4

2a00:1450:400e:5::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1638188162&ei=AlSkYfSzJ8aH8gOSlLSwCw&ip=185.213.155.164&id=4c3ad75bd702f614&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=11.052&lmt=1637192460833362&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAN2NsIo1srZGo0r9Gelm39aObsFaAgceO9-mD9DT9uecAiEApvFUpwXd7O3DoHO_HrGjnG7clnPiJhAEEa1zFbDnp-Q=&cpn=amN67D4r35ehnroO&redirect_counter=1&rm=sn-5hnely7s&fexp=24103968&req_id=4cb830f88ef636e2&cms_redirect=yes&ipbypass=yes&mh=Ex&mip=2a03:1b20:6:f011::4e&mm=31&mn=sn-5hne6nsk&ms=au&mt=1638159188&mv=m&mvi=3&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAN0Wo1dzmld5OktGF0eVNr6sL9lksBm30yyiruJaV1DBAiEA2cGwT_2Z99oJFccYKnIiqefSJ5M7u3YNROoUIwkMqLk%3D

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Server

2a00:1450:400e:5::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e8f639c088f730ab2b58b34818e176b22a29d4554ddfa9e35836615aaaf04cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Nov 2021 23:41:00 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-721684/721685
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 721685
Expires: Mon, 29 Nov 2021 04:16:02 GMT

Redirect headers

Date: Mon, 29 Nov 2021 04:16:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1638188162&ei=AlSkYfSzJ8aH8gOSlLSwCw&ip=185.213.155.164&id=4c3ad75bd702f614&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=11.052&lmt=1637192460833362&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAN2NsIo1srZGo0r9Gelm39aObsFaAgceO9-mD9DT9uecAiEApvFUpwXd7O3DoHO_HrGjnG7clnPiJhAEEa1zFbDnp-Q=&cpn=amN67D4r35ehnroO&redirect_counter=1&rm=sn-5hnely7s&fexp=24103968&req_id=4cb830f88ef636e2&cms_redirect=yes&ipbypass=yes&mh=Ex&mip=2a03:1b20:6:f011::4e&mm=31&mn=sn-5hne6nsk&ms=au&mt=1638159188&mv=m&mvi=3&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAN0Wo1dzmld5OktGF0eVNr6sL9lksBm30yyiruJaV1DBAiEA2cGwT_2Z99oJFccYKnIiqefSJ5M7u3YNROoUIwkMqLk%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Mon, 29 Nov 2021 04:16:02 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/TDrXW9cC9hQ/ Frame 7728 30 KB
30 KB 132ms
46ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/TDrXW9cC9hQ/hqdefault.jpg

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc97e63340ec0aa4c1588d17061fc56057cd830a7a33c7df86e564dbc1626f51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:13:16 GMT
x-content-type-options: nosniff
age: 167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30598
x-xss-protection: 0
server: sffe
etag: "1637006859"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 29 Nov 2021 06:13:16 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8426 42 B
64 B 47ms
47ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CtUxsAlSkYcuyHfCLjuwP4MKTiAeX6vvmZu7ap6qSD7CQHxABILCv4h9gleKQgqAHoAHkmMXwA8gBBakCPVGexJX9sj7gAgCoAwGYBACqBJoCT9BoMa0_KGdrMAJgMuwonBiYw5XmKP4eQnat2mm1EP3x0T8EBEwA00zeGVz5VlEUljVOlkJ797qMroV3Rh0XdgQGSn0iNiWjsAH5F2Mp5MQhfhWwD-z1-GJbSJAA0noxg8VLIRPw6wiDn9dQu3D7H72aQwoF8_IinMO50VegsMKWfazLntFHQkMjDDQYwH3otsetE599pcTu3YOElze1Dh6uWFztcYuULpBDJ63inIhdcLSGoyY4f1i9z85_oABcN83KFSxa35dVtk_2OOYYFN3B6IkKEJj8RwCDNfpbagosNiAjXWZ-i4MRZkqGlLcBXUmhz5_ZqwX6t8AUPscGe0wI0PeUO9pPDY1wN-oCyP5Y_PufxItJRhpgwAS4852Z7QPgBAGgBlSAB7rbp94BqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzE0OTUwNDI4MjE2Mjg5sQkWeUkjaQAIaoAKA5gLAcgLAdALDrgMAdgTDdAVAeIWAggB-BYBgBcB&sigh=NxENimkMK2Y&label=video_ad_loaded&acvw=&sdkv=h.3.489.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDMxNjY0NDcxODIMNTY0NTY2MzYzMTgwQJ4CUh0QDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25QABgB

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 8426 41 KB
15 KB 89ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226922
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 13:14:01 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 8426 0
0 65ms
64ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=C4E2fAlSkYcuyHfCLjuwP4MKTiAeX6vvmZu7ap6qSD7CQHxABILCv4h9gleKQgqAHoAHkmMXwA8gBBakCPVGexJX9sj7gAgCoAwGYBACqBJcCT9BoMa0_KGdrMAJgMuwonBiYw5XmKP4eQnat2mm1EP3x0T8EBEwA00zeGVz5VlEUljVOlkJ797qMroV3Rh0XdgQGSn0iNiWjsAH5F2Mp5MQhfhWwD-z1-GJbSJAA0noxg8VLIRPw6wiDn9dQu3D7H72aQwoF8_IinMO50VegsMKWfazLntFHQkMjDDQYwH3otsetE599pcTu3YOElze1Dh6uWFztcYuULpBDJ63inIhdcLSGoyY4f1i9z85_oABcN83KFSxa35dVtk_2OOYYFN3B6IkKEJj8RwCDNfpbagosNiAjXWZ-i4MRZkqGzLb7iNpTuQ1ZUqCscWVitGZz8cVyzv05MfRXrx_JQmCBH-p05HlDed2PwAS4852Z7QPgBAGgBlSAB7rbp94BqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhvYBwHyBwUQ9s_NAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTcxNDk1MDQyODIxNjI4OYAKA8gLAcITBhjkmMXwA9gTDdAVAeIWAggBgBcBshceChwIABIUcHViLTU3MTcwOTI1MzM5MTM1MTUY0IoR&sigh=VOQm8tiAvEk&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&sdkv=h.3.489.0
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8426 42 B
64 B 53ms
51ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C0vNAAlSkYcuyHfCLjuwP4MKTiAeX6vvmZu7ap6qSD7CQHxABILCv4h9gleKQgqAHoAHkmMXwA8gBBakCPVGexJX9sj7gAgCoAwGYBACqBJcCT9BoMa0_KGdrMAJgMuwonBiYw5XmKP4eQnat2mm1EP3x0T8EBEwA00zeGVz5VlEUljVOlkJ797qMroV3Rh0XdgQGSn0iNiWjsAH5F2Mp5MQhfhWwD-z1-GJbSJAA0noxg8VLIRPw6wiDn9dQu3D7H72aQwoF8_IinMO50VegsMKWfazLntFHQkMjDDQYwH3otsetE599pcTu3YOElze1Dh6uWFztcYuULpBDJ63inIhdcLSGoyY4f1i9z85_oABcN83KFSxa35dVtk_2OOYYFN3B6IkKEJj8RwCDNfpbagosNiAjXWZ-i4MRZkqGzLb7iNpTuQ1ZUqCscWVitGZz8cVyzv05MfRXrx_JQmCBH-p05HlDed2PwAS4852Z7QPgBAGgBlSAB7rbp94BqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzE0OTUwNDI4MjE2Mjg5gAoDyAsB2BMN0BUB4hYCCAH4FgGAFwE&sigh=PG4F1W4Bbew&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D906%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D826,3520,1096,4000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D11006%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D484%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D53592294%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1638159363062%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1638159362874&sdkv=h.3.489.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDMxNjY0NDcxODIMNTY0NTY2MzYzMTgwQJ4CUiAQDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25I3gFQABgB

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8426 42 B
64 B 51ms
50ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHaNeYu4O7Eo0iP3KGPVRA379d3beFv4B0KWhyHIvgrusM5IN9Emnq-bXiQdMhHo_aHBw9h9zhypmaQgoORyEjbBI7RkoUDqAZ_OeOZIc4cMHCZIvUZA&sai=AMfl-YSEiQRXZXlpWg0aWaZw-5Xn_9fYocYSPDQuDjHs7yu6F8GYp3sLYG1XMgCyRTEzlthHsUhL_Q2K1rgcv21k-g_bYkF3-FNKNeO9eRBjdSATpDcZCOxwXJBQQbBa&sig=Cg0ArKJSzHhmcrEtAbYOEAE&cid=CAASF-Ro2XwcAoskBdY_x0HiTz2AFxZhj5WM&id=lidarv&acvw=sv%3D906%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D826,3520,1096,4000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D11006%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D484%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D53592294%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1638159363064%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1638159362874&avm=1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8426 42 B
64 B 50ms
49ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C0vNAAlSkYcuyHfCLjuwP4MKTiAeX6vvmZu7ap6qSD7CQHxABILCv4h9gleKQgqAHoAHkmMXwA8gBBakCPVGexJX9sj7gAgCoAwGYBACqBJcCT9BoMa0_KGdrMAJgMuwonBiYw5XmKP4eQnat2mm1EP3x0T8EBEwA00zeGVz5VlEUljVOlkJ797qMroV3Rh0XdgQGSn0iNiWjsAH5F2Mp5MQhfhWwD-z1-GJbSJAA0noxg8VLIRPw6wiDn9dQu3D7H72aQwoF8_IinMO50VegsMKWfazLntFHQkMjDDQYwH3otsetE599pcTu3YOElze1Dh6uWFztcYuULpBDJ63inIhdcLSGoyY4f1i9z85_oABcN83KFSxa35dVtk_2OOYYFN3B6IkKEJj8RwCDNfpbagosNiAjXWZ-i4MRZkqGzLb7iNpTuQ1ZUqCscWVitGZz8cVyzv05MfRXrx_JQmCBH-p05HlDed2PwAS4852Z7QPgBAGgBlSAB7rbp94BqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzE0OTUwNDI4MjE2Mjg5gAoDyAsB2BMN0BUB4hYCCAH4FgGAFwE&sigh=PG4F1W4Bbew&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D906%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D826,3520,1096,4000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D11006%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D484%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D53592294%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1638159363065%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1638159362874&sdkv=h.3.489.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDMxNjY0NDcxODIMNTY0NTY2MzYzMTgwQJ4CUiAQDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25I3gFQABgB

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8426 42 B
64 B 51ms
50ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C0vNAAlSkYcuyHfCLjuwP4MKTiAeX6vvmZu7ap6qSD7CQHxABILCv4h9gleKQgqAHoAHkmMXwA8gBBakCPVGexJX9sj7gAgCoAwGYBACqBJcCT9BoMa0_KGdrMAJgMuwonBiYw5XmKP4eQnat2mm1EP3x0T8EBEwA00zeGVz5VlEUljVOlkJ797qMroV3Rh0XdgQGSn0iNiWjsAH5F2Mp5MQhfhWwD-z1-GJbSJAA0noxg8VLIRPw6wiDn9dQu3D7H72aQwoF8_IinMO50VegsMKWfazLntFHQkMjDDQYwH3otsetE599pcTu3YOElze1Dh6uWFztcYuULpBDJ63inIhdcLSGoyY4f1i9z85_oABcN83KFSxa35dVtk_2OOYYFN3B6IkKEJj8RwCDNfpbagosNiAjXWZ-i4MRZkqGzLb7iNpTuQ1ZUqCscWVitGZz8cVyzv05MfRXrx_JQmCBH-p05HlDed2PwAS4852Z7QPgBAGgBlSAB7rbp94BqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzE0OTUwNDI4MjE2Mjg5gAoDyAsB2BMN0BUB4hYCCAH4FgGAFwE&sigh=PG4F1W4Bbew&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=admute&ad_mt=0&acvw=sv%3D906%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D826,3520,1096,4000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D13%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D13%26pst%3D-1%26dur%3D11006%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D13%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D484%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D53592294%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1638159363067%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1638159362874&sdkv=h.3.489.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDMxNjY0NDcxODIMNTY0NTY2MzYzMTgwQJ4CUiAQDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25I3gFQABgB

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init-1118laf8ur58pv1xytjm.js Show response
api.fouanalytics.com/api/ Frame B97F 0
603 B 196ms
168ms Script
text/javascript 2606:4700:3033::6815:3a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1118laf8ur58pv1xytjm.js?di=www.publinews.gt&ui=1638159361041-926266246083-005649-001-002202&md=2&ap=&sr=aniview.com&pp=5d31fb2628a06116ff22aef3&ti=bb33306bcb58cb0716e7f41dfbc6aa87_1723158126_3613291&de=2&si=5d31fb2628a06116ff22aef3&dm=480x270&pi=601176dcb1ad0912ca2d2fc6&bt=programmatic&gt=DE&ac=5db803de28a061465a6e2f41&pc=&cr=&c1=59c9148628a0612da3689288&c2=5db803de28a061465a6e2f41&c3=5d31fb2628a06116ff22aef3&c4=5db8052928a061555326a05e&c5=5f4452d76e685a1c474b9879&c6=5d31fb2628a06116ff22aef3&c7=5f4452d76e685a1c474b9879&c8=600415dcd9cbd61a5e29f539&c9=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3a2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plvfhdPe3AgB3HiG34h5CXDIdyc4vrIlnMxSBZAuAZ%2BAmOQSLBk3HAa9sPZcOcx9aIfk2JQJy0Ny63z%2BH2HPg9gllfDxA6I1QnPBrnbMclMtlJw6WHdeO4PZVFH3pG4JAjlfbOEJTcVnMOvtFGaL7sLctQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6b5904b36e001752-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 97ms
96ms Image
text/plain 52.73.70.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=68110&t=1638159361&cip=185.213.155.164&sn=&tgt=1&osv=10&bv=96.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1638159361041-926266246083-005649-001-002202&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.89&cb=80536955875&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&asid=5db8052928a061555326a05e%7C601176dcb1ad0912ca2d2fc6&pid=5d31fb2628a06116ff22aef3%7C59c9148628a0612da3689288&cid=5f4452d76e685a1c474b9879%7C5db803de28a061465a6e2f41&h=8134c023745d29eeab912301861f9dd58ed9dfcc&d9=1000&ad=11&vi=100&ofpr=1&imid=bb33306bcb58cb0716e7f41dfbc6aa87_1723158126_7769682&e=impression&cb=1638159361526&ad=11&vi=100&d4=1&d5=1&d1=vpaid&fv=1&cb=1638159361533
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.70.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-70-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 96ms
96ms Image
text/plain 52.73.70.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=68110&t=1638159361&cip=185.213.155.164&sn=&tgt=1&osv=10&bv=96.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1638159361041-926266246083-005649-001-002202&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.89&cb=80536955875&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&asid=5db8052928a061555326a05e%7C601176dcb1ad0912ca2d2fc6&pid=5d31fb2628a06116ff22aef3%7C59c9148628a0612da3689288&cid=5f4452d76e685a1c474b9879%7C5db803de28a061465a6e2f41&h=8134c023745d29eeab912301861f9dd58ed9dfcc&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=1&imid=bb33306bcb58cb0716e7f41dfbc6aa87_1723158126_7769682&e=start&d1=vpaid&fv=1&cb=1638159361533
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.70.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-70-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 6467 23 KB
9 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Fri, 26 Nov 2021 07:43:36 GMT
expires: Sat, 26 Nov 2022 07:43:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 246747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 2.jpg
publinewsgt.com/ads/2021/8/upa/LayerDK/ Frame C83D 41 KB
42 KB 11ms
11ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/2.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18 /
Resource Hash: e76253388bbf900f46f1a67f85698dfde4fae64b1e6757c14b60ba29225d9345

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:03 GMT
Last-Modified: Wed, 13 Oct 2021 16:52:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18
ETag: "a510-5ce3ec9679bf0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 42256

GET
H/1.1 200
OK 1.jpg
publinewsgt.com/ads/2021/8/upa/LayerDK/ Frame C83D 57 KB
57 KB 11ms
11ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/1.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18 /
Resource Hash: 50082d4c1d9de67bdbc4e1cfeae4b0bcb138a2c964c395f36a4921482e9cf9e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:03 GMT
Last-Modified: Wed, 13 Oct 2021 16:52:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18
ETag: "e3c6-5ce3ec96fd952"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 58310

GET
H/1.1 200
OK 2.jpg
publinewsgt.com/ads/2021/8/upa/LayerDK/ Frame 5357 41 KB
42 KB 11ms
11ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/2.jpg
Requested by: Host: publinewsgt.com
URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18 /
Resource Hash: e76253388bbf900f46f1a67f85698dfde4fae64b1e6757c14b60ba29225d9345

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:03 GMT
Last-Modified: Wed, 13 Oct 2021 16:52:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18
ETag: "a510-5ce3ec9679bf0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 42256

GET
H/1.1 200
OK 1.jpg
publinewsgt.com/ads/2021/8/upa/LayerDK/ Frame 5357 57 KB
57 KB 33ms
11ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/1.jpg
Requested by: Host: publinewsgt.com
URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18 /
Resource Hash: 50082d4c1d9de67bdbc4e1cfeae4b0bcb138a2c964c395f36a4921482e9cf9e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:03 GMT
Last-Modified: Wed, 13 Oct 2021 16:52:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18
ETag: "e3c6-5ce3ec96fd952"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 58310

GET
H/1.1 200
OK 2.jpg
publinewsgt.com/ads/2021/8/upa/LayerDK/ Frame 372A 41 KB
42 KB 28ms
11ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/2.jpg
Requested by: Host: publinewsgt.com
URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18 /
Resource Hash: e76253388bbf900f46f1a67f85698dfde4fae64b1e6757c14b60ba29225d9345

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:03 GMT
Last-Modified: Wed, 13 Oct 2021 16:52:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18
ETag: "a510-5ce3ec9679bf0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 42256

GET
H/1.1 200
OK 1.jpg
publinewsgt.com/ads/2021/8/upa/LayerDK/ Frame 372A 57 KB
57 KB 29ms
11ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/1.jpg
Requested by: Host: publinewsgt.com
URL: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18 /
Resource Hash: 50082d4c1d9de67bdbc4e1cfeae4b0bcb138a2c964c395f36a4921482e9cf9e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://publinewsgt.com/ads/2021/8/upa/LayerDK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:16:03 GMT
Last-Modified: Wed, 13 Oct 2021 16:52:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.18
ETag: "e3c6-5ce3ec96fd952"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 58310

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6467 35 KB
13 KB 39ms
39ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:38:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:38:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6467 0
20 B 49ms
49ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.489.0&bgai=BFq6XAlSkYcuyHfCLjuwP4MKTiAcAAAAAOAG6BRMI9MiJl9u89AIVloWDBx35IQik&bg=!dXaldjLNAAZQLpa_UC47ACkAdvg8WqiIHLrqeR_BQG7bS6hhTLNhpcbxh0_3zvaQdk9Ko76vlLyspAIAAABbUgAAAAtoAQcKABEN4WXfC5eHVoCNbbszwzEUspkCYRDrpCIwkpNs_nyvBZZEicCTp2s4P4Un3hBISH36Gk3JVjaceIi6nwwG7H5kDqpcVLvOHZ8ki5MovwagD5ItIA0f9R16I7RB88KDM_KgV2ZGaRW-Hq0YLGRQmnJ0WdF7q_LaIk6XtkW9b0_rVeYrh8LWDDqOLdi4RfOB7FiUnQy1AYsfvUtvS-rXWoKXGB0xojr5NRSfydR_u_-pWtWGtjwi2gd-Dg-f6NXheCxUlHhKLf25-fM_zLP3G_ngtJ20s3gXGYWhp3i6HgpHDbxvTBuYbg0TPzhpSbSaIsrrQhCD5x5CQ18BRBOIKg_VTWpLSkhfwkCgAxtR8XDBvBFDp2TRnMN2Oy0hAkPncLj51JoE1xsqCW4PsUB-XceI3258WvTlw76-nxVFuV0fvGgPMPbu4QuXksEUn_jKTY4N6VxUC1xHAfhwkImaeyHpXKmBQtArAsUsNwX0yLL0QniVFGPyp7WlGalQtyBbwC3qyhWvpBe_x8m9ZknlUQ1WvOK3iF7fh-76_q8TzcPyJCo8NcNhy_aMx4E09DmGdjAReMuPcdBK1_F4N3oFM7LUbSnTiUKKSfKiLm_F_FnxqPHnAFHhXMgnpclgdynDAYkGKC_QbZWy0LRUjyY92hHnSGQuZjbE4TBWrOTUzsDXwm7kUrLfcJWiFrZh0XcEfxpDauZNE6tbb2L2tL1AQwDiL2kVTA0e2MMV1vKmsRm9WPsqNkri2tHWKdTxI_AtLa9roN5YcR9oUUctkhFGIwzTiEQbBF7fXkTPgKmnwnUN3B5OoFu8AREwNxU3GJeVkp6geg0-sA

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8426 0
54 B 254ms
254ms Ping
image/gif 2800:3f0:4001:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kwk5se11&c=1141792063363&slotId=570896031681.5&qqid=CMu7i5fbvPQCFfCFgwcdYOEEcQ&gqid=AlSkYfS_G5aLjuwP-cOgoAo&fb=ima_html5-lima&sdkv=h.3.489.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.kwk5se13~ff.kwk5se7u
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:822::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 97ms
96ms Image
text/plain 52.73.70.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=68110&t=1638159361&cip=185.213.155.164&sn=&tgt=1&osv=10&bv=96.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1638159361041-926266246083-005649-001-002202&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.89&cb=80536955875&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&asid=5db8052928a061555326a05e%7C601176dcb1ad0912ca2d2fc6&pid=5d31fb2628a06116ff22aef3%7C59c9148628a0612da3689288&cid=5f4452d76e685a1c474b9879%7C5db803de28a061465a6e2f41&h=8134c023745d29eeab912301861f9dd58ed9dfcc&d9=1000&ad=11&vi=100&ofpr=1&imid=bb33306bcb58cb0716e7f41dfbc6aa87_1723158126_7769682&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=1&cb=1638159361533
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.70.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-70-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:05 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8426 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C0vNAAlSkYcuyHfCLjuwP4MKTiAeX6vvmZu7ap6qSD7CQHxABILCv4h9gleKQgqAHoAHkmMXwA8gBBakCPVGexJX9sj7gAgCoAwGYBACqBJcCT9BoMa0_KGdrMAJgMuwonBiYw5XmKP4eQnat2mm1EP3x0T8EBEwA00zeGVz5VlEUljVOlkJ797qMroV3Rh0XdgQGSn0iNiWjsAH5F2Mp5MQhfhWwD-z1-GJbSJAA0noxg8VLIRPw6wiDn9dQu3D7H72aQwoF8_IinMO50VegsMKWfazLntFHQkMjDDQYwH3otsetE599pcTu3YOElze1Dh6uWFztcYuULpBDJ63inIhdcLSGoyY4f1i9z85_oABcN83KFSxa35dVtk_2OOYYFN3B6IkKEJj8RwCDNfpbagosNiAjXWZ-i4MRZkqGzLb7iNpTuQ1ZUqCscWVitGZz8cVyzv05MfRXrx_JQmCBH-p05HlDed2PwAS4852Z7QPgBAGgBlSAB7rbp94BqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzE0OTUwNDI4MjE2Mjg5gAoDyAsB2BMN0BUB4hYCCAH4FgGAFwE&sigh=PG4F1W4Bbew&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=videoplaytime25&ad_mt=2941&acvw=sv%3D906%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D826,1120,1096,1600%26tos%3D750,401,201,201,202%26mtos%3D750,1151,1352,1553,1755%26amtos%3D0,0,0,0,0%26mcvt%3D1352%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2972%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D616%26pst%3D414%26dur%3D16012%26vmtime%3D2941%26dvs%3D1352%26dfvs%3D750%26dvpt%3D2959%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D256%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D750,1151,1352,1553,1755%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D484%26femvt%3D0%26emc%3D16%26emuc%3D0%26emb%3D5,2,1,1,1%26avms%3Dexc%26qi%3D53592294%26psm%3D-2147483641%26psv%3D4%26psfv%3D4%26psa%3D0%26ptlt%3D1638159366027%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1755&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1638159362874&sdkv=h.3.489.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDMxNjY0NDcxODIMNTY0NTY2MzYzMTgwQJ4CUiAQDyXSDIBBKAE6B3Vua25vd25CB3Vua25vd25I3gFQABgB

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 97ms
97ms Image
text/plain 52.73.70.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=68110&t=1638159361&cip=185.213.155.164&sn=&tgt=1&osv=10&bv=96.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1638159361041-926266246083-005649-001-002202&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.89&cb=80536955875&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&asid=5db8052928a061555326a05e%7C601176dcb1ad0912ca2d2fc6&pid=5d31fb2628a06116ff22aef3%7C59c9148628a0612da3689288&cid=5f4452d76e685a1c474b9879%7C5db803de28a061465a6e2f41&h=8134c023745d29eeab912301861f9dd58ed9dfcc&d9=1000&ad=11&vi=100&ofpr=1&imid=bb33306bcb58cb0716e7f41dfbc6aa87_1723158126_7769682&e=firstQuartile&ad=11&vi=100&d1=vpaid&fv=1&cb=1638159361533
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.70.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-70-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:06 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 97ms
96ms Image
text/plain 52.73.70.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=68110&t=1638159361&cip=185.213.155.164&sn=&tgt=1&osv=10&bv=96.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1638159361041-926266246083-005649-001-002202&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.89&cb=80536955875&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&asid=5db8052928a061555326a05e%7C601176dcb1ad0912ca2d2fc6&pid=5d31fb2628a06116ff22aef3%7C59c9148628a0612da3689288&cid=5f4452d76e685a1c474b9879%7C5db803de28a061465a6e2f41&h=8134c023745d29eeab912301861f9dd58ed9dfcc&d9=1000&ad=11&vi=100&ofpr=1&imid=bb33306bcb58cb0716e7f41dfbc6aa87_1723158126_7769682&e=sec3&vi=100&d1=vpaid&fv=1&cb=1638159361533
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.70.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-70-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:06 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 293ms
101ms XHR
text/plain 52.73.70.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=68110&t=1638159361&cip=185.213.155.164&sn=&tgt=1&osv=10&bv=96.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1638159361041-926266246083-005649-001-002202&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.89&cb=80536955875&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.70.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-70-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 29 Nov 2021 04:16:06 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8426 42 B
64 B 59ms
58ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHaNeYu4O7Eo0iP3KGPVRA379d3beFv4B0KWhyHIvgrusM5IN9Emnq-bXiQdMhHo_aHBw9h9zhypmaQgoORyEjbBI7RkoUDqAZ_OeOZIc4cMHCZIvUZA&sai=AMfl-YSEiQRXZXlpWg0aWaZw-5Xn_9fYocYSPDQuDjHs7yu6F8GYp3sLYG1XMgCyRTEzlthHsUhL_Q2K1rgcv21k-g_bYkF3-FNKNeO9eRBjdSATpDcZCOxwXJBQQbBa&sig=Cg0ArKJSzHhmcrEtAbYOEAE&cid=CAASF-Ro2XwcAoskBdY_x0HiTz2AFxZhj5WM&id=lidarv&acvw=sv%3D906%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D826,1120,1096,1600%26tos%3D1552,401,201,201,202%26mtos%3D1552,1953,2154,2355,2557%26amtos%3D0,0,0,0,0%26mcvt%3D2154%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3774%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D817%26pst%3D414%26dur%3D16012%26vmtime%3D3691%26dtos%3D2154%26dtoss%3D1%26dvs%3D802%26dfvs%3D802%26dvpt%3D802%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D1%26cs%3D4371%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D484%26femvt%3D0%26emc%3D20%26emuc%3D0%26emb%3D9,2,1,1,1%26avms%3Dexc%26qi%3D53592294%26psm%3D-2147483633%26psv%3D12%26psfv%3D12%26psa%3D0%26ptlt%3D1638159366829%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2557&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1638159362874

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8426 42 B
64 B 48ms
48ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C0vNAAlSkYcuyHfCLjuwP4MKTiAeX6vvmZu7ap6qSD7CQHxABILCv4h9gleKQgqAHoAHkmMXwA8gBBakCPVGexJX9sj7gAgCoAwGYBACqBJcCT9BoMa0_KGdrMAJgMuwonBiYw5XmKP4eQnat2mm1EP3x0T8EBEwA00zeGVz5VlEUljVOlkJ797qMroV3Rh0XdgQGSn0iNiWjsAH5F2Mp5MQhfhWwD-z1-GJbSJAA0noxg8VLIRPw6wiDn9dQu3D7H72aQwoF8_IinMO50VegsMKWfazLntFHQkMjDDQYwH3otsetE599pcTu3YOElze1Dh6uWFztcYuULpBDJ63inIhdcLSGoyY4f1i9z85_oABcN83KFSxa35dVtk_2OOYYFN3B6IkKEJj8RwCDNfpbagosNiAjXWZ-i4MRZkqGzLb7iNpTuQ1ZUqCscWVitGZz8cVyzv05MfRXrx_JQmCBH-p05HlDed2PwAS4852Z7QPgBAGgBlSAB7rbp94BqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzE0OTUwNDI4MjE2Mjg5gAoDyAsB2BMN0BUB4hYCCAH4FgGAFwE&sigh=PG4F1W4Bbew&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=video_skip_shown&ad_mt=5191&acvw=sv%3D906%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D826,1120,1096,1600%26p0%3D826,3520,1096,4000%26p1%3D826,1120,1096,1600%26tos%3D3000,401,201,201,202%26mtos%3D3000,3401,3602,3803,4005%26amtos%3D0,0,0,0,0%26mtos1%3D750,602,403%26mcvt%3D3602%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5222%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1217%26pst%3D414%26dur%3D16012%26vmtime%3D5191%26is%3D275%26i0%3D18%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D0%26c1%3D0,1,1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2250,2250,2250,2250,2250%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D484%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D16,2,1,1,1%26avms%3Dexc%26qi%3D53592294%26psm%3D-2147483585%26psv%3D60%26psfv%3D60%26psa%3D0%26ptlt%3D1638159368277%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4005%26ss0%3D0%26ss1%3D0,0.06,0.06&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.06%26t%3D1638159362874&sdkv=h.3.489.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDMxNjY0NDcxODIMNTY0NTY2MzYzMTgwQJ4CUiAQDyXSDIBBKAE6B3Vua25vd25CB3Vua25vd25I3gFQABgB

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8426 42 B
64 B 48ms
48ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C0vNAAlSkYcuyHfCLjuwP4MKTiAeX6vvmZu7ap6qSD7CQHxABILCv4h9gleKQgqAHoAHkmMXwA8gBBakCPVGexJX9sj7gAgCoAwGYBACqBJcCT9BoMa0_KGdrMAJgMuwonBiYw5XmKP4eQnat2mm1EP3x0T8EBEwA00zeGVz5VlEUljVOlkJ797qMroV3Rh0XdgQGSn0iNiWjsAH5F2Mp5MQhfhWwD-z1-GJbSJAA0noxg8VLIRPw6wiDn9dQu3D7H72aQwoF8_IinMO50VegsMKWfazLntFHQkMjDDQYwH3otsetE599pcTu3YOElze1Dh6uWFztcYuULpBDJ63inIhdcLSGoyY4f1i9z85_oABcN83KFSxa35dVtk_2OOYYFN3B6IkKEJj8RwCDNfpbagosNiAjXWZ-i4MRZkqGzLb7iNpTuQ1ZUqCscWVitGZz8cVyzv05MfRXrx_JQmCBH-p05HlDed2PwAS4852Z7QPgBAGgBlSAB7rbp94BqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzE0OTUwNDI4MjE2Mjg5gAoDyAsB2BMN0BUB4hYCCAH4FgGAFwE&sigh=PG4F1W4Bbew&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=videoplaytime50&ad_mt=5691&acvw=sv%3D906%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D826,1120,1096,1600%26tos%3D3501,401,201,201,202%26mtos%3D3501,3902,4103,4304,4506%26amtos%3D0,0,0,0,0%26mcvt%3D4103%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5723%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1418%26pst%3D414%26dur%3D16012%26vmtime%3D5691%26dtos%3D1949%26dtoss%3D2%26dvs%3D1949%26dfvs%3D1949%26dvpt%3D1949%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D16777728%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2751,2751,2751,2751,2751%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D484%26femvt%3D0%26emc%3D30%26emuc%3D0%26emb%3D19,2,1,1,1%26avms%3Dexc%26qi%3D53592294%26psm%3D-2147483585%26psv%3D60%26psfv%3D60%26psa%3D0%26ptlt%3D1638159368778%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4506&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1638159362874&sdkv=h.3.489.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDMxNjY0NDcxODIMNTY0NTY2MzYzMTgwQJ4CUiAQDyXSDIBBKAE6B3Vua25vd25CB3Vua25vd25I3gFQABgB

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 04:16:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 96ms
96ms Image
text/plain 52.73.70.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=68110&t=1638159361&cip=185.213.155.164&sn=&tgt=1&osv=10&bv=96.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1638159361041-926266246083-005649-001-002202&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.89&cb=80536955875&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&asid=5db8052928a061555326a05e%7C601176dcb1ad0912ca2d2fc6&pid=5d31fb2628a06116ff22aef3%7C59c9148628a0612da3689288&cid=5f4452d76e685a1c474b9879%7C5db803de28a061465a6e2f41&h=8134c023745d29eeab912301861f9dd58ed9dfcc&d9=1000&ad=11&vi=100&ofpr=1&imid=bb33306bcb58cb0716e7f41dfbc6aa87_1723158126_7769682&e=midpoint&ad=11&vi=100&d1=vpaid&fv=1&cb=1638159361533
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.70.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-70-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 04:16:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

98 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.publinews.gt/gt	1969-12-31 23:59:59	Name: epl_dxs_r Value: true
.mgid.com/	1970-01-19 23:02:41	Name: __cf_bm Value: 1a210Z0aeQtisTAhNgBfoHGiCnk.6iYu.u7YjSrHmX8-1638159359-0-AbZAKjE9FyapEYuC/+JX1mguIxaFl1BZe3KOsIBZSkPAUowvhSjcu0XXghcnynWNwwGzWMGwrf2Kushq/5Efn5I=
.publinews.gt/	1970-01-19 23:02:41	Name: __asc Value: 9ff1aadc17d69e81ecd2a601b41
.publinews.gt/	1970-01-20 07:49:41	Name: __auc Value: 9ff1aadc17d69e81ecd2a601b41
.navdmp.com/	1970-01-20 07:48:36	Name: ac3 Value: 1
adserver.latinon.com/	1969-12-31 23:59:59	Name: OAGEO Value: 2%7CDE%7CEU%7C1%7CFrankfurt%20am%20Main%7C60326%7C50.1049%7C8.6295%7C500%7CEurope%2FBerlin%7C%7CHE%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.navdmp.com/	1970-01-20 16:19:27	Name: nid Value: fc8627459603fafe22cba6cd509\|1\|359
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.publinews.gt/	1970-01-20 16:33:51	Name: _ga Value: GA1.2.1219426785.1638159360
.publinews.gt/	1970-01-19 23:04:05	Name: _gid Value: GA1.2.355729448.1638159360
.publinews.gt/	1970-01-19 23:02:39	Name: _gat_UA-53456215-1 Value: 1
.publinews.gt/	1970-01-19 23:02:39	Name: _gat_gtag_UA_53456215_1 Value: 1
.publinews.gt/	1970-01-19 23:02:39	Name: _gat_UA-52170176-1 Value: 1
.publinews.gt/	1970-01-19 23:02:39	Name: _gat_UA-90285-12 Value: 1
.publinews.gt/	1970-01-19 23:02:39	Name: _gat_gtag_UA_90285_12 Value: 1
.publinews.gt/	1970-01-19 23:02:39	Name: _gat_gtag_UA_52170176_1 Value: 1
.publinews.gt/	1970-01-20 07:48:15	Name: nvg60118 Value: fc8627459ce1a8dff572f58e709\|0_334
.e-planning.net/	1970-01-22 12:21:51	Name: E Value: APpTqgUhRHYTEVX5
.mathtag.com/	1970-01-20 08:28:34	Name: uuid Value: b86e61a4-53ff-4000-b37d-cc4f52a4e882
.zeotap.com/	1970-01-20 07:48:15	Name: zc Value: fcbe4019-3893-4fd3-5562-e693783720b2
.zeotap.com/	1970-01-19 23:04:05	Name: zsc Value: %25%8F%94%B7%A6Xh%E2%14zE%D5%A0y%29%1C%04%E8%B7m%D5xC%FE%9Cw%EA%F3%F4%FC%C8%98%F5%84%FB%29%FF%D3%B7%DAP%FE%E9%BE%BE%EFJ%0AY%B9%24P%D2%13%B3VC%CA%F9%B3%E9%A5%07%F6%A7%A9L.%8Ao%86B%FE%00%AA%16k%10%1Dw%DC%E4d%07o%147%9E%84%8A%7DfSGz%27%C6~%FE%A6n%1E%F88%AB%24A%E5%14%B6%0A%E51%BE%EBG%D3%AF2%1B%D6%19%E7%F3%F0M%89%F2%D3f%9B%F7%F2_%EB%7B%F9%F0%5B%093%FB%06%C1%19%B1%16ke%FA%83R-%E6%FC%B4V%A3d%D4%C8%C4%5B%40%91%A5%99K
.doubleclick.net/	1970-01-20 08:24:15	Name: IDE Value: AHWqTUmLa1jhpa6yogjSnb9nfLprLB44Iz1kI5kH2DpGkFd--OHFfPC3hPc9MmoDmCc
.publinews.gt/	1970-01-20 08:24:15	Name: __gads Value: ID=e72dd9e1a2cc4ae1:T=1638159360:S=ALNI_MYTkNYIISGDG2NeSKgG5uZgO8cxVg
.lijit.com/	1970-01-20 07:48:15	Name: ljt_reader Value: 37fafbb702b8c854415d79b2
adserver.latinon.com/	1970-01-20 07:48:15	Name: OAID Value: 01000111010001000101000001010010
.adfarm1.adition.com/	1970-01-20 01:12:15	Name: UserID1 Value: 7035840876843759764
.tapad.com/	1970-01-20 00:29:03	Name: TapAd_TS Value: 1638159360601
.tapad.com/	1970-01-20 00:29:03	Name: TapAd_DID Value: 4022b571-2bf9-447f-bdd3-6ab87424af39
.tapad.com/	1970-01-20 00:29:03	Name: TapAd_3WAY_SYNCS Value:
.adsrvr.org/	1970-01-20 07:48:15	Name: TDID Value: 646e248e-bc67-48ca-8f5b-e472d1b7d497
.demdex.net/	1970-01-20 03:21:51	Name: demdex Value: 68954712913946408102542763565108005005
.tidaltv.com/	1970-01-20 07:48:15	Name: tidal_ttid Value: 996d38c9-6a71-40d2-be91-dd02eda6bacc
.weborama.fr/	1970-01-20 08:34:20	Name: AFFICHE_W Value: NXaRnhtLboM120
.theadex.com/	1970-01-20 01:12:15	Name: axd Value: 4278709190486062076
.theadex.com/	1970-01-19 23:12:44	Name: tis Value: EP175%3A3004
.dpm.demdex.net/	1970-01-20 03:21:51	Name: dpm Value: 68954712913946408102542763565108005005
.tidaltv.com/	1970-01-20 07:48:15	Name: sync-his Value: "H4sIAAAAAAAAADM0sjQ1tDK0MAIAjwnRiAkAAAA="
.agkn.com/	1970-01-20 07:48:15	Name: ab Value: 0001%3A0QGxHDM8GJQ4m3rrNhb4rIoTPxXzm4%2BT
.richaudience.com/	1970-01-20 01:12:15	Name: avcid-zeo-uid Value: fcbe4019-3893-4fd3-5562-e693783720b2
.krxd.net/	1970-01-20 03:21:51	Name: _kuid_ Value: OgpOM2xy
.crwdcntrl.net/	1970-01-20 05:31:26	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:31:26	Name: _cc_id Value: edc9d904ff18d47d89b255cb51e23e66
.crwdcntrl.net/	1970-01-20 05:31:27	Name: _cc_cc Value: "ACZ4XmNQSE1JtkyxNDBJSzO0SDExT7GwTDIyNU1OMjVMNTJONTNjAILEJSEgCgYAYBQKfQ%3D%3D"
.crwdcntrl.net/	1970-01-20 05:31:27	Name: _cc_aud Value: "ABR4XmNgYGBIXBICJGEAABGkAVo%3D"
.everesttech.net/	1970-01-20 07:48:15	Name: everest_g_v2 Value: g_surferid~YaRUAAAIGMd3TQBR
.fwmrm.net/	1970-01-20 03:21:51	Name: _uid Value: "e45b8_7035840881131315970"
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: las1bKtsVGgk
servicer.mgid.com/	1970-01-19 23:02:40	Name: __mglb Value: 2b804be0d04e992ad0d5ca78c8f32d46
www.publinews.gt/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C1129387%22%3A%7B%22page%22%3A1%2C%22time%22%3A1638159361316%7D%7D
.aniview.com/	1970-01-19 23:17:03	Name: aniC Value: 1638159361041-926266246083-005649-001-002202
.advertising.com/	1970-01-20 07:49:41	Name: APID Value: UP0fd0d507-50cb-11ec-9982-06a20cd9f756
.bidswitch.net/	1970-01-20 07:48:15	Name: c Value: 1638159361
.bidswitch.net/	1970-01-20 07:48:15	Name: tuuid_lu Value: 1638159361
.bidswitch.net/	1970-01-20 07:48:15	Name: tuuid Value: 712269ee-708e-411c-b8d4-ea99fb0dabd7
.creativecdn.com/	1970-01-20 07:48:15	Name: u Value: 4FrMuAk1tVx7vL3W1O3O
.creativecdn.com/	1970-01-20 07:48:15	Name: ts Value: 1638159361
.e-volution.ai/	1970-01-19 23:22:48	Name: v_usr Value: 04ace56d-caa7-4eeb-ba7e-7e35b0b57a07
.1rx.io/	1970-01-20 07:48:15	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b8f83d16-3377-43da-912a-e9a306a7188d-003%22%7D
.idealmedia.io/	1970-01-25 20:31:23	Name: muidn Value: las1bKtsVGgk
.lentainform.com/	1970-01-25 20:31:23	Name: muidn Value: las1bKtsVGgk
.360yield.com/	1970-01-20 01:12:15	Name: tuuid Value: 4bc12208-fe51-45dd-b1e9-21c3b8951b2e
.360yield.com/	1970-01-20 01:12:15	Name: tuuid_lu Value: 1638159361
.smartadserver.com/	1970-01-20 08:32:53	Name: pid Value: 6004880024033247267
.targeting.unrulymedia.com/	1970-01-20 07:48:15	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b8f83d16-3377-43da-912a-e9a306a7188d-003%22%7D
ads.stickyadstv.com/	1970-01-19 23:45:51	Name: UID Value: f4b75b7c5ccb53dbec2b6a17a9c
.bidr.io/	1970-01-20 08:31:09	Name: bito Value: ABzCxk7DSKgAACrsjHsDFQ
.bidr.io/	1970-01-20 08:31:09	Name: bitoIsSecure Value: ok
.aniview.com/	1970-01-19 23:04:05	Name: 2_C_200 Value: RX-b8f83d16-3377-43da-912a-e9a306a7188d-003
sync.aniview.com/	1970-01-19 23:04:05	Name: 2_C_200 Value: RX-b8f83d16-3377-43da-912a-e9a306a7188d-003
.mfadsrvr.com/	1970-01-20 16:33:51	Name: tuuid Value: 55646076-f716-4014-b0bb-b187ede55103
.mfadsrvr.com/	1970-01-20 16:33:51	Name: c Value: 1638159362
.mfadsrvr.com/	1970-01-20 16:33:51	Name: tuuid_lu Value: 1638159362
.mfadsrvr.com/	1970-01-20 16:33:51	Name: ssh Value: !mgid,1638159362
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 516b6e9b87e5b5548cdcba318cd2a023
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP0fd0d507-50cb-11ec-9982-06a20cd9f756
.yahoo.com/	1970-01-19 23:04:05	Name: APIDTS Value: 1638159362
.yahoo.com/	1970-01-20 07:48:36	Name: A3 Value: d=AQABBABUpGECEE0Pj-ynX9wFgXdFCjPAw1oFEgEBAQGlpWGuYQAAAAAA_eMAAA&S=AQAAArkan5LwjWVqlbPdVIvnS0U
.rubiconproject.com/	1970-01-20 07:48:15	Name: khaos Value: KWK5SDL5-14-1D77
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|XoTpdAZC/OrCXi+t2tt8Mx7c5rJaP5uXhxptBfrzPAh1r4H5P2/gRsHybbqOjeCkSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GLHAInpgWpDr9ePsX4JPWMcjCRbro=
.rubiconproject.com/	1970-01-20 07:48:15	Name: audit Value: 1\|mFVHqHkj5bHnZqth3bw5xXwXqr16Ga3GjVuvEYrIRrv5XFpYwE3NCD4qU5i/OZ85oHEYQm0jtgnMboWaW1ii7R8Ia7lI5uZ/
.adtelligent.com/	1970-01-20 00:31:56	Name: vmuid Value: 55faa017425e145f
ads.stickyadstv.com/	1970-01-20 00:29:03	Name: uid-bp-36033 Value: e45b8_7035840881131315970
ads.stickyadstv.com/	1970-01-20 00:29:03	Name: MRM_UID Value: e45b8_7035840881131315970
.analytics.yahoo.com/	1970-01-20 07:49:41	Name: IDSYNC Value: "1776~21ss:187s~21ss"
cm.mgid.com/	1970-01-19 23:45:51	Name: mg_sync Value: {"287839":1638159362,"433145":1638159361,"501037":1638159361,"617666":1638159362,"665953":1638159361}
ads.stickyadstv.com/	1970-01-20 00:29:03	Name: uid-bp-159 Value: CAESEImj4BC0MJaJ0xgS1M_t7oI
.adsrvr.org/	1970-01-20 07:48:15	Name: TDCPM Value: CAEYASABKAIyCwjqnIj7tb6ZOhAFOAFaCXN0aWNreWFkc2AC
ads.stickyadstv.com/	1970-01-20 00:29:03	Name: uid-bp-892 Value: 646e248e-bc67-48ca-8f5b-e472d1b7d497
ads.stickyadstv.com/	1970-01-19 23:45:51	Name: uid-bp-717 Value: y-FOLCVGhE2oPNyKaAlUdgujMi3VH8RHv10Wvr.s3y~A
.adnxs.com/	1970-01-20 01:12:15	Name: uuid2 Value: 6299299316721760770
ads.stickyadstv.com/	1970-01-20 00:29:03	Name: uid-bp-951 Value: 6299299316721760770
ads.stickyadstv.com/	1970-01-20 00:29:03	Name: uid-bp-529 Value: b86e61a4-53ff-4000-b37d-cc4f52a4e882
.adform.net/	1970-01-19 23:45:51	Name: C Value: 1
.adform.net/	1970-01-20 00:29:03	Name: uid Value: 3313540736379815739
ads.stickyadstv.com/	1970-01-20 00:29:03	Name: uid-bp-617 Value: 3313540736379815739
.w55c.net/	1970-01-20 08:31:27	Name: wfivefivec Value: 0zmNlsEF1MRy5c5
.w55c.net/	1970-01-19 23:45:51	Name: matchfreewheel Value: 5
ads.stickyadstv.com/	1970-01-20 00:29:03	Name: uid-bp-23329 Value: 0zmNlsEF1MRy5c5

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fcbe4019-3893-4fd3-5562-e693783720b2&reqId=daec8d48-0d09-4fb9-55c9-98fa74ed1af4&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://www.publinews.gt/gt/ Message: Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto' from origin 'https://www.publinews.gt' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.publinews.gt/gt/ Message: Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto' from origin 'https://www.publinews.gt' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14a13404f8436a6be68ff0825dee5738.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
aa.agkn.com
aax-eu.amazon-adsystem.com
abs.twimg.com
ad.360yield.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
adserver.latinon.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.fouanalytics.com
bcp.crwdcntrl.net
beacon-nf.rubiconproject.com
beacon.krxd.net
bn01.er.bemail.it
c.mgid.com
cdn-images.mailchimp.com
cdn.mgid.com
cdn.navdmp.com
cdn.syndication.twimg.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.analytics.yahoo.com
creativecdn.com
csi.gstatic.com
dkae4asr0dphj.cloudfront.net
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gov.aniview.com
i.e-planning.net
i.ytimg.com
ib.adnxs.com
idsync.frontend.weborama.fr
image6.pubmatic.com
imasdk.googleapis.com
jsc.mgid.com
loadeu.exelator.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
player.aniview.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
publinewsgt.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rr3---sn-5hne6nsk.googlevideo.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.adtelligent.com
s.e-planning.net
s.pubmine.com
s0.2mdn.net
s8t.teads.tv
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
spl.zeotap.com
ssbsync.smartadserver.com
static.publinews.gt
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.aniview.com
sync.e-volution.ai
sync.navdmp.com
sync.richaudience.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
sync2.navdmp.com
syndication.twitter.com
t.teads.tv
tag.1rx.io
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
ton.twimg.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
u-ams02.e-planning.net
ups.analytics.yahoo.com
usermatch.krxd.net
usr.navdmp.com
vast.aniview.com
video-ads.rubiconproject.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.publinews.gt
x.bidswitch.net
googleads.g.doubleclick.net
match.prod.bidr.io
104.109.78.125
104.111.215.191
104.111.230.142
104.16.221.74
104.19.132.78
104.19.133.78
104.19.216.61
104.244.42.72
107.20.192.231
109.206.161.21
142.250.185.130
142.250.186.98
143.204.96.118
143.204.98.104
143.204.98.17
143.204.98.34
144.76.115.197
151.1.205.165
151.101.2.49
168.119.79.223
176.34.151.72
18.156.0.31
18.193.230.138
185.184.8.65
185.64.190.78
185.86.137.122
2.18.232.7
2.18.233.180
2.18.233.201
2.18.234.233
2.19.35.65
205.234.175.175
212.82.100.182
213.19.147.43
213.19.147.45
2600:1f18:6593:f607:1e48:63e3:baf2:55da
2600:9000:2156:ea00:18:e253:91c0:21
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:db6
2606:4700:3033::6815:3a2a
2606:4700::6810:ef3
2800:3f0:4001:822::2003
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2016
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9c
2a00:1450:400e:5::8
2a02:26f0:6c00:191::26e5
2a02:26f0:6c00:28a::2c79
2a02:26f0:6c00:2ab::2c79
2a04:4e42::300
2a05:d018:24:b001:6cd5:9d52:6dd6:6c58
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.120.52.200
3.122.145.244
3.124.43.130
3.20.177.195
3.212.101.249
3.212.173.197
34.249.68.36
34.254.143.3
34.98.67.61
35.201.81.244
35.212.212.222
35.227.248.159
37.157.4.28
37.252.172.37
49.12.125.168
5.178.65.245
5.178.65.246
5.178.65.253
51.89.9.252
52.208.185.108
52.215.136.198
52.223.40.198
52.29.208.72
52.50.109.234
52.73.70.207
52.94.222.140
54.146.189.157
54.76.140.148
54.83.97.117
62.149.0.72
64.227.27.145
69.173.144.158
72.251.249.9
8.39.36.141
8.39.36.142
85.114.159.118
89.163.159.106
99.80.191.196
007222190f7b3cd6e69a40417234c57d1e90abd9402c094b84cf145fd5bb9aa6
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
01250d1d31574fad0be4f8cbfee67a9ba251b96e7e924389ec44f81dfd4d1399
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
01cdbb8282b78160bf6eb29d2a5f8d56c46786a59011f9b673998d58c2c78917
02007cb9ea5401983a0a4a34d08c1a57c75484d0852194291e124c94b848d474
050aa9ec6094750bbc959ee2e2bd3f50395f7e5448879bfb9e86985040b54f21
052a05537c8075c1f9eb8d2aed8cdbac175cde2865249faf0670e96ed919fa51
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
065e8db3f7fafeab0aba372652272fccc6b486bc46671f9e544338c0bae284ff
079caf9cb36d1b9dee92059742618aa5ad7fbb4abb61955232ce8f0ad8679b58
0a1bb0bc800de66b72ab473c17e20e5a1a5f455b8109b062e0bd62d87e2bf26e
0ba39d56cb112c7a8776e6a4b8287bcecfbf1f4909340962569532dd995243e3
0bb82cbb4908ac55346d09bff4323881464d4ef148a4a9ff6858d94b54f26c27
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cb5d53b3f280131c756bc101bbfdbb368c60d4b55d98b55e0e7b87cc15a74a2
0cb84ffc011aa15877ef9fe46635eac99861b74820b11c0f8522602a961247f9
0ce828b11c617e79ea290e4ea00e5141cfed0f0276bee0259f5f541a7e9ce26e
0d2bea0baca294527c0a64e2cfda428b169b4e91f0e0d3fa51c971d8d70079fa
0da563d8fc4e14fac20984e96e83406f2554ee1bef09f5de660a7662c1713ecc
0f418d591ab907ecb2509d4b0f59b21545c190676524cf3c866dabc7553cc488
1133355be75f91efecc6366167fde50cfc402509f7b55c034ecdb3811678abd5
1189ba00353fe33a7d7b891f033ba61de61ba0dd8ab306dee53c15e5bf6b800a
12eed69c3b6138f2c1478a1a8ced6f7193a356cb37cf4b3751de6b10946a35f7
1356f193486d07903d18b921764f363c623d35ac231829cce4daf5d80c3b140b
13da1114f815e6960747b26eee1a0631bee66d27addc1b60e813a06345103925
142285bd07a14ae41f00f7a4abfb34d050e788f6d64e3935fda159cef378acab
147de4f28324ee3537c8f601d4e36afe0bbb8319fdaa827973f2afa91844e7c2
16d38d0cc8b1a2929c8634e25aaac00bf76a8b3a5083fffcac5d18624747be82
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
172b4854a57c9a20da3a239720ac32a7812203b910be2f21a7086cf10fa0854e
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
18790e55b886d0d21fabef028c4bfb1121999a1aa564ac1078d4fa3d0f811e4e
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1a09fe33a55d9a430e4889891492cd7ebd2c839259aa9f1e2fc0b67a908388d0
1adf337204d2f4cee5264b18e3212be7a93cd619c705e30bf89a3d27192b77f6
1c4e14ec79b11cbb61ae9332942ec90a44f26fe59e1b6455c570c38818e4df00
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1db238f7986bc20c75a137f1db2fe705bb6b9f9c6dafc606d30a8cf4e217f402
1dca76e973cb230decf4598a9772cf449a9fd5baad85dd30136e7da56aae695d
1e454c9cbe9148173282ff772bcccce338ff927016a7ab660c333607f610d229
1feccc5457246a341b82f181fa84317e9dd084c63ac370c1ac43104c3cbf3329
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
2046f0951f540e47a6f178435eebd438296264afc9836abf8c15b69eda03786f
20a22e2a0610fa88287f0f8a033e1f8c5fb3abb7f0a0d527115b6ce3dde328a1
20a7cab4c3d02182a4adf415218a7bf45485746273fba452bf48c4d3cf5df9d7
20de6540a404f5dacfa5cc24c2d7b684c4a57725eaba74d7b1896890f1bee73a
2142ed8f8fea43747c0cf437c69568199c8f0cc7bf01d40d5263ffbfb75eaf02
21a80bbe8aa391dec1138ee9d7d4b06bd0b7e4c561c7b007c69f72163e54e9c3
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2474659f728c780197739ecebba60f34fc1ee6012cf388e231ad01a56fc2621d
27245a8a3f678528283aa04f0767f4e880e0ddc8b3d517a4a770d03b556926c6
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3139db5bbf7fe4c04b0a9fd138c8b3ac7c59e036d3a2bd6cbe3d24b8cf4ffd01
3172a96c957355bc92da68d5c88483ee33d364b7f78de4772728d314b0182f92
319b0714ca24bf51a951c0d3b55fae7c7a8e21900d9147511197450b470867f5
319b3af03638ca0a6230938f9a10efbf626ea827abb3d421f624ca0246541286
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31f24a77df42abbe0d016c67f92cffb81a0d9b18d456e164072622dd460e2d32
325f22f082d877326c2920368c869974f59eabee083b21c8f96bb995ce6c6acb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32da9aa631e908c60315f445f8a44e4808940c2fcb7a1840c8c2e8e3f6c62353
330dba950f9e4e4470ab91680739bf8220be7424c63cf035185fb39dfe4e3a50
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3867cefd20693bc083d9f54dafd63fe61b42033ebca196219f2e186afd062038
38b0418bb58311b229df6d057463806e2d7662e3025a29c03d9a867f294c3e00
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3be29565ed74ebe94b47d147f84748dc076566e4348c72db227ad8cf72a75f24
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3f43187776cc2fd671ed841523cc7bfd3d8d4dc3c0a32e0ae3b1b84e32f6d871
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b50d4bff7b610443d71d0c6c29031ec216cd78b5b0aba138b413ac1689a10b
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
42fa529d67919fa8d028c501b4e86c9509e1906dfbdd859a2ed36dc44e46d881
438ff3af395513310c69d935eb8c6e521312075673d2fdf0e82a7ad2d3037152
441190ba2b13013b7493f024e780f07c29817bbc83f6b81d507c406605718711
449fbd34fc9ddf0bc8ce99871be2cd91b708b6ba3a888db2adce595ccc886450
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4559fbce3949045143b9991f6a0ff26c442d133a8b3164fe83c887d529b5a517
483481ad7a0fc01179ff6fb1d62a3714269c66d2622e9fb1e532d4907146b6ef
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a51d17e2ae6c6997ddb2a88d2304c20f64a1cb968f43a9b5e6dbec12a9c7f64
4bc4b508bb0ccc41052f6a18eb23441543da2d209c152f62577e954367b4d62d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea4f26725e6bf79612c7f78e6b0a23eb5c1519c044906797952f94c74a9d324
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
50082d4c1d9de67bdbc4e1cfeae4b0bcb138a2c964c395f36a4921482e9cf9e7
50f287a0eb7bf83583fd215fb1a2ef597390932d2fbb07b6785d539648a0e864
522952d0caabfa72aa2f8176cfa730db841a186cf2a1c368b9fe23929350e060
5340961cc2751c4b61e6b902a73348101135416b53e842a0e7a1ae5409e45eaa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
5533874c2b0145642ca304f110240fcdb05253df388c2f7b97c053ad5eb69b65
558306120cd54b9bb7193b5a7b4209b9e29c0a639d298da2b0e906fbdc05e946
569c316c92130ef0fa343d640a6ea9cbb64923de4e9707e9bd0eca8dd11a12a9
570d442edabab9cca16278684d397019228f00337d4bd81aac65ad0e42a02865
5e7a3fcf1342343f51cb1edeaf41bac53057d8b8733100c082be2f8cc53b9340
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f1633696885dd88b7572159d97688b6f24bb4247189b72149b053a9386b14f0
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
622bd29e595894b02f5c5ab95628f99d6e6d46483bac342b4fff38bbc64a8a35
6423701ef69e19ff906654b7e6850600eeeac8562cc5e1e39242b82e83f65002
65431286e84e46ad86d064d3bfed2de9da3d32dc4f8c9fd28750302f890e8324
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66e8ee4eb6a609d65acd38ac2ab339a9d40070ac2de9aed1dbf73b4f65f5e053
670f61ddc2a337c6731ace2496254582ce70c1c9e8375edf1b918818aa6ea9d5
67146d9cb1502dc74815546bebb729ffefdbd37a777db5e0505e5cebd8281210
681f84656bf64b6a41998c6b4140ca1a79f5647634cbc2a628ca4215aa136efc
6b820fb99ab86da66fab0ebdbb099cad41e6431766f78e887c60585f882aae50
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bbd6c2596ee21cebd2be43de4032b072a4286c7c4e64aaad4abaf8c87513a43
6bd4d060e1744089ea5cfeb86b2f7c4e1d5f629b200d5ba908f655f2b9f3a8ef
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c25b976778ba4a030773a7897d64c44197eb5e393115ff8367c9d78aeffdc3c
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6d6112648e9204d1bde5b31048c4250c2938f16c159ff90f79f4cd5cea87da11
6db4ecf5b0285c37c1eec6a06b8b88b14447a13bf9d55e814a3953672ab88000
6dbf0b9c7b1b389db1b6693e5e406068b4b59edf2d1cce6d23565616d78a81a0
6ea064b4487bc8c78af6436f595507dd163daa647a78ff6d917348db865ffcde
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f0dce8cd4d682fa59faf594019c7175f0c9d5ce5194470507417df0e1ed69dd
6f8cc8ba2f49cf82b3c377eb96444d5a38767deb463cef6afd5513324d57df7f
71141f40b7c1212d504ec64130c530f48db14c7510c560730fb0b717fe5e1327
718f4c4909174ed264534b3ad5d92a54e95625b14319122c981c96d3dcc8fb0d
71cdbee8ab5e8b9b8f8d545bc6c55216e2a5aa238ab99e48d2a62c14d441731f
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
738832e51c55b88cc185c0ce29dfe95049caf277090e04dd84bcfc3077952a5c
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
759b95af1ac5509ca5590cd9ac5aa7d792f42affeb4c33b123215c43b1934eae
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
76f1e8cac24ea2783e9404ea243e9cb9dfad70254ab2d7bad349217adea6cdde
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
78ca3b1e1fa7d9f8b2c9f367e26ff3de7d06f9f984b2905844ffde38c70dc52e
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7947be9205ded58b4d9b84f7282ef6a1c47dcfdc7b2376c123e0422af16a8fa6
7965777dcddb12ba6fcbfdb90bbbe664dfeec6ee3fb6a069c1fad9980bc25a10
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a1a6c8e06998082ac95645a908b3e98db06233a0693fd00034e795e5c120203
7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474
7c90f22dc5fcf5f1507a2585690df809988f26d96cefe3aa23f5817857dfd031
7cd314eaa2617e6239f43abff91e10b5c4a7fd6dcb43af265b113137903e93c8
800b08cefce5fb7380e3133c0b7a8b6e6a7fa779c1cc42b7c2d40a64c7f57bea
8195ec559939a3299a302f8e0c182ba87ddc46b9d26de044d2b8b69fd412a645
8357d105502700ba0d88bc4b5e7e0e03a6c43506e63f7db2c4d644621f2e4827
8446880b8da895ab62c29652fe12e7aa483666cb0a54532abf231d415a4943ab
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
86441c9a21f4c77dcbb2a4f020d904179f15c8e9b35f3f85d5d053ee62c13232
872ec7cac15a563bfd0a02ddf0f73608ac02b9b8f98c778b9ce515da094d654b
883282dd40d25aef7a308257f1ac4efbdd1f3e436e53356be71ca2251648a0ff
886b588dc30ca4db57d6f1731272df6cf6335cac8f2bf2e7bf9b1939208e9e67
888bc5618973079f4a157c8c94b0afe382e7e957306429c5880e032c83fb8e0c
893e5747a8a162b5cbb7784466461bbdd94a5b5ca4451764979da7bf0c69fa36
89e06a72524a262aa7a2771cee20a8ac7453932682e61597216a9d22505bbc6c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8a64dc4eedb0027a63dbca746d85413bf249ff66c9e8ae3085493034a084af53
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b8154f4397a0f47056c7d8191bab547e0c6ea2376a9b920585ea53a44673b1d
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8efd7ef0887f8d97df1f68248a4d6f603ab11021a0f683e61584227ee7a71909
8fc356d86a4ae901a12544bb5d0ac88dd7e607075e97b1221e19e9c7852be366
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
9097e9aa5f0e2f0970398a99f585c28e6d5bc8ae49b7cbf90392bb5ca20b7147
912c4c41d8cdfdc18db66b83a077d2d32b25214a5b11006046678b5db263d19c
913306b3efeb158d441fb1c776b35ac7428029ba1a21669251ea0e5491058d80
937a3477372a826e2221ab76df0804efbd2912f2b7d7c217dcea698a7007391c
959ca14c61ba90f56a1a27a5c318777eb3e3bf190e97943c28d1b3a08db0c8ee
9a09c63687d35293c35bb6c47767c2700b2505f3c22e700ef8499db3dda30392
9db28eafbede298448562088ea5752930925564ce7f57d47af45c48eb710a85a
9dd0fa5273465330e7f6a2b4657910545ca6105067064577c882862f7357b876
9df87f102ba3f629420b9f0b6c1b18fa6f951a199e4c8b8489449a2b2cd2d9f4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0aad236d91f8a4ccca9299f760e17fff3a18635872a6e38ae4900eead00cd38
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b15784aecce4e1f8108e860453b5f0fbaebbb44b66b3caf9c80b30354f8dde
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52825a7901f0705ae5580c7527ed6a2fefb3a6c47ae794030e4989969bf77af
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a61a648444a16a41ef29c2f3ce95053de667e244321323ea9a669c35768e0397
a61e94c6cee47c0f689736d8b6d3a8ba98f9501a3e834b2cdedc374e4b88c6cf
a71821d8ac3fc6df9a79f05609bcfdc958552e02f3c12699c94111cc997ffcae
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece
ada5a5d321e3f676297cf3ea6c7bbd31d23887503fc6c54f39aea2855d044a0c
aee7d2f3931049f9fbdccac3d0e7e36eca23ce66c76c464ed28372d7d4559597
afdcea0f0312450b432c976f511fff685242315e8883991efdec19b0d2673c40
b07c38372a1e49cf3c8b20e4e238aa367c4da67aa21b762d67cf19f1366141bf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fcb4195f263e661c3fd4acc656f32e8a467ee28f50ba995cda9bb7902ae746
b441ddac6946e4c489b0a461206132f107dd51bb10ea187216f681a62119f7e9
b471033f1864708331e5945f9003e0eed1d563d673d2666aca296198b9cc6ca7
b4a6fe0d1f924561c85bc0bba6e0228f1783050e1bcd405f9a18082f7f850263
b6a6ee9f7c7baccbe33a644888b959da1fb9730607a20b6d1f8e00b38a32e484
b6e2cb91e192cdb8e9b9e19440a7abd15c19c64f4e71f473476a129f5f025466
b812f5894799de22e0d52b37f0374e5b56204ad55f7b1efdf7ecf52c48be1411
b96ac399e4e6f213767cbd0072921d6df80645506591f72319a80a78450f3421
bc97e63340ec0aa4c1588d17061fc56057cd830a7a33c7df86e564dbc1626f51
bedab15fd177a9715568682a8b3a04edd59939cafffa07dfd2e6e64b010f757c
bf31a093438aaa469977520bf95a0d986b6d5aac2a0109709d69e602031bda60
bf9614206d228bbbab8fec9be817239106a56039e47374bee59a505b192b6c43
c0e9442480513f12f46226f2125244725d098284e975791fa9a36608726e85c2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c344293ae037d3d1d273dbaf5416057c6652851f15c7df86c819cac766a3ff24
c399440603be8cadf5ac8794019cafef0749301b9d384d71187d67026fcbcdc0
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c432f39b6ed36d73635f0dbf81de0567182c55d99423e906d82a33dfa4e2b02e
c509db66493d4bdec3fef4ddecb840c474d56af96491742323e472ddac08417c
c687421b4d03ee07a1266e1ece740eba2f7d666eb232d433b5c35203ae52f702
c6a6bef5f37a3167a5998b1631530827d42847b281beb5aa3155ef7c057d2ac8
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c707b46c7eed6f13a7d9214ec34dd80c12929d4fbfb29808b6bbd3f0bc24286e
c8593c2996b948cb3854d0a3c46666cbeccfa205050f5d42716da3326857525f
cd79957826023b93eab46e5e3719d77b72dadecac521341e572fa9ebb4b19dfe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf85242e9b3ceb7147907911c2f6a14da84b99d06aba24c4daad28cbbf93209b
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12f1d9c35940a2b74b61e7125d12245c1de8c96e386583979963db701383d95
d1395737dc86c70163a025aea31c989ccbc8c99dabb6a1d347b27c03d86e9846
d19cd55a7044e88aeb85d8d990587ac9b53188e58d90d70df407a5160bfb46c4
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d2d00dfb6d151fde71f7e3322e2f5cba9c25f90d1df0a30365b529fc969f0d94
d4736026f79754d0c3edd2e36abe9206c1f2adacb98489591bd6ebe586aba75e
d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac
d641f280947f782d8b838832c4edcabdae451621cc25f7b6372e602ddfe6ea37
d6bb9d39bae35865d68eac5a651d0bfaa05c0ddf75d9f20b76f38289867ea30f
d7fa5bb5982b0fec8dc83ec09e0b5f88fd56615cc30cee091c46c110cff61d5e
d83ce8329e05cb6ba55d60878e853e5506f1549b0f39228baf86abfffb4fdfec
d8a754aeb7ddf52b4696dcbb5f3d43f8a3f1b4f7ab2e2a8189ead0ee1675e65a
dcc6aaeccd530bcb0e91ef01e2046485f1ad113a865aafb17a740eee4da61e32
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de8383d06a56f08749ed99ad3d43911fe88072a79e9148e2d1dead390f64893f
de919ef8bb324fe3a49490a07f1e4090b4af332836db1098331971108a611f3d
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
df6b5f74ee7567e54fc461f6cb5a69d9a39c1aa00e055ffaed33cac2d3b53c09
dfbde71fd191f2183e53dfaaa3004a6b5a8bb4bac1142f0cf6d9a186cc4bc75f
e24928d7d73d973842a21a3f630f4b4ef2eb8c139130820ca0f6f7c2d7a15245
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e297afc5cba2b67ad30ad316eb275e59408b57d3ed2250f2677dccce750af7b0
e328110ace242b392914a68a9979057a590f95f547f4d37309868460e0222e63
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fdd55b7bee05cd35d90db7745642b4bf41e67a2cc564a2e3ea51d05e2f2e25
e4b5a4bf44782e0d726fb9c8284f3a0d3a67c663da155103631b60c7e5f1c708
e4cdd3d24b12334206807ffc17048fdf6d1d0694072c81fdc05c5f8249f636d7
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e5fcac8deea68bd29bbfae3c778ff3464a1025b08d03be9d8c5eb48a4844ecde
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e654d29906ec7673a72e9a397a744162b66281cb9f834b34104d5c8719c8e203
e68f4b07bdaf1c80bfb00f4d3d3a25aea3ae8d4022d6df6d0127f624961f9496
e6eb0dbc485eaa304e88806bec35f402c78e7b992ae584639312ac301dc1a1fc
e75cfbce23be851a026507f6ffe9d28df67e7fa1442418e8953e7ec1284edc7a
e76253388bbf900f46f1a67f85698dfde4fae64b1e6757c14b60ba29225d9345
e7a5af7b0209824a8d8a2ef4186418408a8aecd61d4f82096d6ee64d216a59f4
e82f4cb5ae64f84778900ed5c54ff08812b7335059b7fe70ab5e12472a155e15
e8f639c088f730ab2b58b34818e176b22a29d4554ddfa9e35836615aaaf04cdb
e8f9da93a6450e35f60021a598c53da6961cb711caa8bbda11cdaf792752dfe8
e91580f860a460f66df16f1383f3a285780216e698edf0407e07ff45ff1cd0c3
eb0341ecfdc597668e83e947cff801f03ffa1062815bca99d06954c1e5fefaf0
eb826b9e130ebac2b9dc77bea9c1c744128f5a9414984592cdaf2ad918059fe1
ed3dfcb0d22e4b160814f6dc9a04ad2eec329a55ade39871b285be605543978a
ed81e69986e50c71b697014856768374491d45dbb6a3addf819ce3e13b2b72b7
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02b19434ecf5c40e3a6adac393039c961cfb4e4012e9db44dac4be993c0e970
f0b8faab1d5d6a454cc2fd73242aeedfac046b39bfc8c9f0053ce13d20eee19b
f293486948d4cba26c6b835bdd574b4085e62da749b86019f5f6fab3535b0e39
f42f6434bb69b5882b0a8864e23022be3e8ccada9a69175c825eb26cee38a508
f522ff3202b7c63bc8aba9d3c56963ee4a4bc6477a5ec3498bc62055872134f6
f5735a6df0c934c148c7e8ebea4d68499e20bf1ed73c37fc91dcafe5e6dda50b
f629148135500ef120ed5573abf7a2016c9a032b2c5a19d3ab7513264b4763df
f78922e6ca28fff748e3fb5f03a281976d6354fec45bdc932a9e0d7453550fd9
f905435c0278c8998a37b1e932c610553df7c656806432baf8670720ec6e4e1e
f9f82a5ea9ab5a9519b63af5d5e8ab4cfc8530d9452ad33a7307949a60324426
fa68fd8807e8bddeeaf830bea8063ce7ea6c13aefc663519d7e8132649385dac
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.publinews.gt Open in urlscan Pro 49.12.125.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

421 Requests

74 %HTTPS

32 %IPv6

72 Domains

122 Subdomains

85 IPs

12 Countries

9493 kBTransfer

14809 kBSize

98 Cookies

11 Outgoing links

Redirected requests

421 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.publinews.gt Open in urlscan Pro
49.12.125.168 Public Scan

Screenshot
Live screenshot

Full Image

421
Requests

74 %
HTTPS

32 %
IPv6

72
Domains

122
Subdomains

85
IPs

12
Countries

9493 kB
Transfer

14809 kB
Size

98
Cookies

421 HTTP transactions
10 data transactions