all-news.co Open in urlscan Pro
2606:4700:3030::6815:36b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://action.bewanted.com/ls/click?upn=weE-2FXt4OuIwnmHsEHM6CQTZj98A9-2BZTAsF5TyBDiXZae5Yv6ZW1774Piq-2BX-2FVi71DVF6ggMROLK...
Effective URL:
https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Submission: On August 16 via api (August 16th 2021, 10:04:24 pm UTC) from BE

Summary HTTP 127 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 17 domains to perform 127 HTTP transactions. The main IP is 2606:4700:3030::6815:36b, located in United States and belongs to CLOUDFLARENET, US. The main domain is all-news.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 2nd 2020. Valid for: a year.

This is the only time all-news.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.124 167.89.123.124	11377 (SENDGRID) (SENDGRID)
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 1	151.106.5.114 151.106.5.114	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
48	2606:4700:303... 2606:4700:3030::6815:36b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2.16.186.184 2.16.186.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.190.90.202 35.190.90.202	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	52.209.141.213 52.209.141.213	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
127	26

1 167.89.123.124 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x124.outbound-mail.sendgrid.net

action.bewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.106.5.114 (Strasbourg, France) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

diabani.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2606:4700:3030::6815:36b (United States)

ASN13335 (CLOUDFLARENET, US)

all-news.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-184.deploy.static.akamaitechnologies.com

mtv.mtvnimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.90.202 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 202.90.190.35.bc.googleusercontent.com

steadfastsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.141.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-141-213.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	all-news.co all-news.co	2 MB
29	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	385 KB
15	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	90 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	188 KB
5	google.com 1 redirects adservice.google.com www.google.com	1 KB
4	googletagservices.com www.googletagservices.com	139 KB
3	google.de adservice.google.de	409 B
3	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	steadfastsystem.com steadfastsystem.com	31 KB
1	adsafeprotected.com static.adsafeprotected.com	259 B
1	googleadservices.com partner.googleadservices.com	657 B
1	onesignal.com cdn.onesignal.com	3 KB
1	mtvnimages.com mtv.mtvnimages.com	2 KB
1	diabani.com 1 redirects diabani.com	297 B
1	bit.ly 1 redirects bit.ly	276 B
1	bewanted.com 1 redirects action.bewanted.com	284 B
127	17

	Domain	Requested by
48	all-news.co	all-news.co
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
11	fonts.gstatic.com	fonts.googleapis.com
11	pagead2.googlesyndication.com	all-news.co pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	fonts.googleapis.com	all-news.co googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.google-analytics.com	all-news.co www.google-analytics.com
2	steadfastsystem.com	all-news.co steadfastsystem.com
1	static.adsafeprotected.com	all-news.co
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.onesignal.com	all-news.co
1	mtv.mtvnimages.com	all-news.co
1	diabani.com	1 redirects
1	bit.ly	1 redirects
1	action.bewanted.com	1 redirects
127	21

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
pinterest.com
api.whatsapp.com
www.mtv.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-02` - `2021-12-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
MTVI.com DigiCert SHA2 Secure Server CA	`2021-05-06` - `2022-05-11`	a year	crt.sh
steadfastsystem.com R3	`2021-08-15` - `2021-11-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Frame ID: BD85A36F1E32F791AE4E3F90BC18C428
Requests: 78 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: 31CEA257BFD7775003B8E79869315967
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1629151445&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445407&bpp=2&bdt=394&idt=125&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=11713751716&frm=20&pv=2&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=180
Frame ID: 823702B9935F1AA22F0AFD29A6F041F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=9395189151&adk=3964337409&adf=793176254&pi=t.ma~as.9395189151&w=712&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445410&bpp=1&bdt=396&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OyJU4PhfuW&p=https%3A//all-news.co&dtd=202
Frame ID: E4F1EBE3EB6B1AC0407D880D2512DDB0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445411&bpp=2&bdt=397&idt=220&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3IWLaCdeLD&p=https%3A//all-news.co&dtd=223
Frame ID: A075A5B890810A25D53152B33306A224
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=6103665698&adk=1395125190&adf=3023380478&pi=t.ma~as.6103665698&w=696&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445413&bpp=1&bdt=400&idt=248&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=VTnRSMFL9s&p=https%3A//all-news.co&dtd=252
Frame ID: 0C908464FDD85351EDF11041656F79B1
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=270&slotname=2591919806&adk=1740259769&adf=3437838863&pi=t.ma~as.2591919806&w=324&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=324x270&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445467&bpp=1&bdt=453&idt=222&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fbfa78b3ae3e481-2249482dadc900d2%3AT%3D1629151445%3ART%3D1629151445%3AS%3DALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=JQtsWfyJTg&p=https%3A//all-news.co&dtd=226
Frame ID: 95C437CA443334D44BD9762B51B25F93
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=2552174890&adf=470541226&pi=t.aa~a.4009549588~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1629151445&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445861&bpp=1&bdt=847&idt=1&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fbfa78b3ae3e481-2249482dadc900d2%3AT%3D1629151445%3ART%3D1629151445%3AS%3DALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x270&nras=2&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3502&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qrIEedSJiY&p=https%3A//all-news.co&dtd=14
Frame ID: 55D179068EE8A5F96FD8AE6E694808FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7E54DB688238B599881A30E0DDAC2F5F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Frame ID: 7D178DA0C490ED6E04E16D1B919147CA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Frame ID: 264ACE3C7B31267D4A9869048E985BC7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Frame ID: B6A230E2E69CD331B7538EAC834EAD31
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 89B5E23FE39BC622A9597855C6F6D68B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A4311271A0DC1E675DC1F3345538082
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://action.bewanted.com/ls/click?upn=weE-2FXt4OuIwnmHsEHM6CQTZj98A9-2BZTAsF5TyBDiXZae5Yv6ZW1774Piq-2... HTTP 302
https://bit.ly/3iIhr84?utm_medium=email&utm_campaign=website&utm_source=Sendgrid HTTP 301
http://diabani.com/?Z289MSZzMT0xMTY5MDE5JnMyPTAmczM9VVM= HTTP 302
https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

127
Requests

100 %
HTTPS

76 %
IPv6

17
Domains

21
Subdomains

26
IPs

5
Countries

2651 kB
Transfer

5276 kB
Size

9
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/AllNews25193679

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Hear+Miley+Cyrus%E2%80%99s+Glam-Rock+Take+On+Cocteau+Twins%E2%80%99s+%E2%80%98Heaven+Or+Las+Vegas%E2%80%99&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&via=all-news
Title: Twitter

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/&media=https://all-news.co/wp-content/uploads/2021/07/3944-hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas.com-698706&description=Hear+Miley+Cyrus%E2%80%99s+Glam-Rock+Take+On+Cocteau+Twins%E2%80%99s+%E2%80%98Heaven+Or+Las+Vegas%E2%80%99
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Hear+Miley+Cyrus%E2%80%99s+Glam-Rock+Take+On+Cocteau+Twins%E2%80%99s+%E2%80%98Heaven+Or+Las+Vegas%E2%80%99%20%0A%0A%20https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: http://www.mtv.com/news/artist/miley-cyrus/
Title: Miley Cyrus

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ctwins/posts/369035784585781
Title: posted

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=DqoQY9bobow
Title: “Nothing Else Matters,

Search URL Search Domain Scan URL

URL: http://www.mtv.com/news/genre/rock/
Title: Rock

Search URL Search Domain Scan URL

URL: http://www.mtv.com/news/genre/pop/
Title: Pop

Search URL Search Domain Scan URL

URL: http://www.mtv.com/news/music/
Title: Music

Search URL Search Domain Scan URL

URL: http://www.mtv.com/news/artist/cocteau-twins/
Title: Cocteau Twins

Search URL Search Domain Scan URL

URL: http://www.mtv.com/news/3178839/miley-cyrus-cocteau-twins-heaven-or-las-vegas-cover/
Title: Read More

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://action.bewanted.com/ls/click?upn=weE-2FXt4OuIwnmHsEHM6CQTZj98A9-2BZTAsF5TyBDiXZae5Yv6ZW1774Piq-2BX-2FVi71DVF6ggMROLK1dUj4iEgZK4xIaYU-2B20k-2Fplw5CVg9nLBGCocj3jhhQBm-2BxQU-2Fu916-bS7_iZiX4ODl2rvp8uVcgnmDLy7t2ms9Jmiwc-2FtP-2FeJJbxGIdJSp4Ed8XbPeNKBWbj-2BlYDF5TDjgZT8EnbglzPAfS7X25jcaxkCvihGx1ABLxviZ07Sf-2FoJzik4OSgI2DZxka9VweKuFKGYh9-2FDjYneH-2BCDp-2Bl2i8JkmOVz0E-2BHNdzAi3fjQcuQJUzQH0td8bFeqi7rdKI3QYtXoJkDokH-2FxJI-2FcQj5-2BD25DqNXCFtXfNWM-3D HTTP 302
https://bit.ly/3iIhr84?utm_medium=email&utm_campaign=website&utm_source=Sendgrid HTTP 301
http://diabani.com/?Z289MSZzMT0xMTY5MDE5JnMyPTAmczM9VVM= HTTP 302
https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

127 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Redirect Chain

http://action.bewanted.com/ls/click?upn=weE-2FXt4OuIwnmHsEHM6CQTZj98A9-2BZTAsF5TyBDiXZae5Yv6ZW1774Piq-2BX-2FVi71DVF6ggMROLK1dUj4iEgZK4xIaYU-2B20k-2Fplw5CVg9nLBGCocj3jhhQBm-2BxQU-2Fu916-bS7_iZiX4ODl...
https://bit.ly/3iIhr84?utm_medium=email&utm_campaign=website&utm_source=Sendgrid
http://diabani.com/?Z289MSZzMT0xMTY5MDE5JnMyPTAmczM9VVM=
https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/

339 KB
49 KB

970ms
937ms

Document
text/html

2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.25
Resource Hash: 2d8bbdad63dfa9d8207659a5a5ec89b9500a5acbfef24047e4309de581185ff1

Request headers

:method: GET
:authority: all-news.co
:scheme: https
:path: /hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.25
cf-edge-cache: cache,platform=wordpress
x-pingback: https://all-news.co/xmlrpc.php
link: <https://all-news.co/wp-json/>; rel="https://api.w.org/" <https://all-news.co/wp-json/wp/v2/posts/3944>; rel="alternate"; type="application/json" <https://all-news.co/?p=3944>; rel=shortlink
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEnjUBypbgFgGyNAjj2Vorro8maaTHO3qu7phBrL5KGA6o9s%2B8lydT4CgKMjFqlRb2s2geYGuFZaUPQQbIV1%2FM46V24ZNcD2m4txVZp62zC9HLCS2xQ4uvrGNEBKlzmNSqpcoKTexwqohg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67fdf4cd7e4e969e-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Mon, 16 Aug 2021 22:33:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Location: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 style.min.css
all-news.co/wp-includes/css/dist/block-library/ 79 KB
11 KB 45ms
31ms Stylesheet
text/css 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jul 2021 22:16:13 GMT
server: cloudflare
age: 1866
etag: W/"13abe-5c7d1c0611d3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0zlufT6KEZPv7EbZLxDpYa5TJuGhlGwMib4glGA5UVObwTW%2BsYtCxxuCMkdhC8FT799OL2C%2Fr9UU2WMoZRdJU0cZi7hH%2BEQtlAe1%2FTGvkwYuG%2FIqEn9dV2qO5vtwsC3%2BUf7xLaLp4Nexw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fdf4d37bff6485-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 cookie-law-info-public.css
all-news.co/wp-content/plugins/cookie-law-info/public/css/ 3 KB
1 KB 32ms
18ms Stylesheet
text/css 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.5
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

:path: /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1866
cf-polished: origSize=3109
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 20:50:28 GMT
server: cloudflare
etag: W/"c25-5c84940c088c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=co%2FedTXaKwmHdhaLavTct8ljmHImdRqvNpuq8OJIuesbqsLSw%2BGVPHoctBgho2MjOHOJjxf6P5v%2Fn%2FCbpAi%2BQpCxmJpVoAnAwFaNGFdXPEx2JjX7tolwk%2Fy7AABM1Q9WluvS5SeNH2zThw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 67fdf4d37bfd6485-FRA
cf-bgj: minify

GET
H3-29 200 cookie-law-info-gdpr.css
all-news.co/wp-content/plugins/cookie-law-info/public/css/ 22 KB
4 KB 46ms
32ms Stylesheet
text/css 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.5
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49beb700d387c742e63bdbe609124f2cb157fb3d008d8a8dda9b72efc730c859

Request headers

:path: /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1866
cf-polished: origSize=28741
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 20:50:28 GMT
server: cloudflare
etag: W/"7045-5c84940c088c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GU5dKEk%2BKcLCM9rDRqO0ueN%2BY1sT6IvhPf7O%2B1mTN%2BJ8FGuzKYOu7chOfNMLDiEeFAA7Y8fDjJvXiAT8fxoNjKDbJt8s5js35qGlDTfTkDjBbywRf75FkV7LGmwBn2XckmhcdY8q1t2Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 67fdf4d37c006485-FRA
cf-bgj: minify

GET
H3-29 200 form-basic.css
all-news.co/wp-content/plugins/mailchimp-for-wp/assets/css/ 2 KB
1 KB 32ms
19ms Stylesheet
text/css 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.6
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c518ad5d0adbc0754bac8b71c958312a6bd77d4e318500fec44d929e00f857ec

Request headers

:path: /wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1866
cf-polished: origSize=1682
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 24 Jun 2021 15:50:11 GMT
server: cloudflare
etag: W/"692-5c584fa6bcff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOR080CO1HbYChodv%2BZgb%2BXhYzr8urmd1RA9KuKtij8OX8jqx1EwoEuZ8uWMKKxqgZn0nU9gPOzhiJ%2FvdcDrkKU4NFB0wRKK%2F%2FYtGdykicQr2y4diSEz5Ta1ka%2BT4tzB6EGEGcOHCii%2FZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 67fdf4d37bfc6485-FRA
cf-bgj: minify

GET
H3-29 200 style.css
all-news.co/wp-content/plugins/td-newsletter/ 6 KB
2 KB 32ms
19ms Stylesheet
text/css 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-newsletter/style.css?ver=11.2
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ae14082f4d2088f2bcc4f8e3da3955343dd1e39e0a5f9333c45d6428c3cfc5

Request headers

:path: /wp-content/plugins/td-newsletter/style.css?ver=11.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1866
cf-polished: origSize=5831
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 30 Jul 2021 17:41:28 GMT
server: cloudflare
etag: W/"16c7-5c85ababa1053"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJscX1r8DZ1mAiU0JrBUt%2FG55OhcCXo4hWUdTFTO3b9sTkUXPXZZVZ6Il7dzYCyMNNo%2FVfXKbOC0R9PqxRUnkW6Z2p5aOTl%2BNZJltKcODoAYVKfOM1qRni5goX4%2FjJtzFdyW%2FxlvtX7o8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 67fdf4d37bf96485-FRA
cf-bgj: minify

GET
H3-29 200 style.css
all-news.co/wp-content/plugins/td-composer/td-multi-purpose/ 36 KB
5 KB 28ms
18ms Stylesheet
text/css 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=5496ac087ca179a9788dadb779dbc160
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583

Request headers

:path: /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=5496ac087ca179a9788dadb779dbc160
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1866
cf-polished: origSize=37284
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 30 Jul 2021 17:41:11 GMT
server: cloudflare
etag: W/"91a4-5c85ab9ae9eb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zfLcjW9gFdGP5gM4jAXMbrLcWjoyUhfhJNfbPenwl3dtK1ihjjke392e6mPHMZEExH%2FgMWhXsoe%2B%2Fe%2Fhu%2FL64MV7zimF6f182vWtfXI8zy4Yrc0xWgx8CPT%2Fs6i8QoHiCS%2FyaHKsPwyjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 67fdf4d37bf66485-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 17ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Requested by

Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

808fa266ffd5666e6ecbff99004bc49617c77cc4287880af64ddf3875022d128

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 22:04:05 GMT
server: ESF
date: Mon, 16 Aug 2021 22:04:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Aug 2021 22:04:05 GMT

GET
H3-29 200 style.css
all-news.co/wp-content/themes/Newspaper/ 104 KB
20 KB 43ms
33ms Stylesheet
text/css 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11.2
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6

Request headers

:path: /wp-content/themes/Newspaper/style.css?ver=11.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1866
cf-polished: origSize=149059
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 30 Jul 2021 17:41:03 GMT
server: cloudflare
etag: W/"24643-5c85ab932dea9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhKtCdmWoOfDe8o9S%2F%2BFu9aI9KuG9XNyKvGrS7WCeNzdxAnbPFpNw8yO8pr%2BVmC5J5pbVadBTPvEZgtlXykz3uLxXCcLeyYgSaeebDvl9i573P8z4a%2FfDRHpKyTctRoHxDSt6u%2B4dzgRMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 67fdf4d37c026485-FRA
cf-bgj: minify

GET
H3-29 200 QoWmwStuyYWa.css
all-news.co/wp-content/uploads/mQfuTlzSXWhq/ 3 KB
1 KB 52ms
41ms Stylesheet
text/css 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/uploads/mQfuTlzSXWhq/QoWmwStuyYWa.css?ver=2.2.3
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7da8d792ef771180eef9e592f2a3b5ebcc0f74eea6f5475d1a1e9e5665bb8448

Request headers

:path: /wp-content/uploads/mQfuTlzSXWhq/QoWmwStuyYWa.css?ver=2.2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1866
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 13:36:17 GMT
server: cloudflare
etag: W/"adc-5c0e03ae7e792"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbOVi15GPpuUNak6nvPMabySZPxmxvU%2FoUiZY8Iak0WKZLoZsrMjz3dQoRSKbC9X9HmCcSnJOS5aR%2F2KzPIQkQCDfTKakeGKUe8S6%2FsbAiqDd49oiNxB%2F6AzWyE6dlKzd69Qis4y7Fmmrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 67fdf4d37c036485-FRA
cf-bgj: minify

GET
H3-29 200 td_legacy_main.css
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 125 KB
21 KB 47ms
37ms Stylesheet
text/css 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e11358f81905fda56213119d8d9a1076ec679d26ad3f9ad82c0091024a7a1408

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1865
cf-polished: origSize=158679
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 30 Jul 2021 17:41:10 GMT
server: cloudflare
etag: W/"26bd7-5c85ab99ea4d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcT3CmPws%2FFQNKvBlMofYXcsy%2BlfJPmKeOu6%2Fj5j1tZZEC0RiZac62oaXRjrvvUGwApbSpIk34VHXUtv%2FMxbamGDO4O1R2TzeMIds%2B3NT3UgMV%2Br%2FtqczR9KdPly2OwReBO0aRPfQENN5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 67fdf4d37bfb6485-FRA
cf-bgj: minify

GET
H3-29 200 td_standard_pack_main.css
all-news.co/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 569 KB
52 KB 47ms
37ms Stylesheet
text/css 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9214a050dc0a6c6eeaa5c1aa35f9cfe3
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6956cbfddf2ce28aee043ecd2b7dbc3ada3954646d7009c6dd1b5ca173f136f9

Request headers

:path: /wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9214a050dc0a6c6eeaa5c1aa35f9cfe3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1866
cf-polished: origSize=732364
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 30 Jul 2021 17:41:36 GMT
server: cloudflare
etag: W/"b2ccc-5c85abb2d9ac8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCPN3wbhSY8l1geqtB77YW6cF%2Fmd8naYmUqgU7L8lKdmSWjwfsmmKcw4uwThB3SFKkTRL0%2B86%2FOdYXTJb%2FVDIcyQK3WIexVb5ysc7xiGXXDt7zUgplwypbO%2FNatXYrcwuTgRtcnHdTHDIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 67fdf4d37bfe6485-FRA
cf-bgj: minify

GET
H3-29 200 jquery.min.js Show response
all-news.co/wp-includes/js/jquery/ 87 KB
32 KB 33ms
24ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jul 2021 22:16:13 GMT
server: cloudflare
age: 4092
etag: W/"15db1-5c7d1c05fb9c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxMVM4vK9Yax6sI%2BQoFYTgkznfa0XUjSt%2FxC0uGkyynlVcl%2BmUXd2yWLkMmSXKML3byErsp6hsHoT9ZAEKZH3B0TtbqPseNyp9%2FpZS4lsWlj2vG4bqK4VUCMaNyzs1qAkZHj%2Bmw7Pp8WrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fdf4d37bf86485-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 jquery-migrate.min.js Show response
all-news.co/wp-includes/js/jquery/ 11 KB
5 KB 30ms
20ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jan 2021 11:51:38 GMT
server: cloudflare
age: 4092
etag: W/"2bd8-5b84e0ffba56e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7PDWGGiaC9WGuFNVhROKO0YTqUZ2HE%2FtM0wVsgNr7A6dnRaEoV0veMNinXEAt%2BsxBA7zD9AN3owvqqLm%2BgQgsOqUwlD72OpRjgNtc%2BLUnVWv%2BIaZqEy6I9C%2F6UfBq%2FX98f54qdeU%2BfEZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fdf4d37c016485-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 cookie-law-info-public.js Show response
all-news.co/wp-content/plugins/cookie-law-info/public/js/ 27 KB
7 KB 40ms
31ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.5
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51d0e85097a841f69894079309ad6368bb01eb0a51411d8cf61038a7fcc49a51

Request headers

:path: /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2541
cf-polished: origSize=35168
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 20:50:28 GMT
server: cloudflare
etag: W/"8960-5c84940c084e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5unglQd%2FH%2BBDqywGTEm5nCHTc3uSoIX1%2Bwxn37%2FGJ6euQLEEx17Ey82EuhtknYqrXpXkj1Cuk351XEcrbaz%2FMTtv12p%2BDZR4sQdxV521LXpBo3zblxFEFYV7WFW8lz%2F92nA6375QoxMTmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 67fdf4d37bf76485-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6dc9916036b41f4eb3ac4cfa16e215b38090bed8723c5ab86c765e6ea52e63e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49891
x-xss-protection: 0
server: cafe
etag: 17144776108970527666
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 22:04:05 GMT

GET
H3-29 200 wp-emoji-release.min.js Show response
all-news.co/wp-includes/js/ 18 KB
5 KB 19ms
17ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jul 2021 22:16:13 GMT
server: cloudflare
age: 7131
etag: W/"4705-5c7d1c05fae0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j26FPOE0Et0igELXh%2BuX6lFohuUmA%2FBfSx2ujlaTyN96OqwNr3ZWIgtDKaWWHGTWfIAa7P7axG%2Bl1IYwGPkQyGKAUobhcVDKsqbH%2B9ADcxc3PHb8IGoq2SP8U8cZgFXTiWcR5%2BlbidyFpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fdf4d3ec206485-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Requested by

Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6dc9916036b41f4eb3ac4cfa16e215b38090bed8723c5ab86c765e6ea52e63e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49891
x-xss-protection: 0
server: cafe
etag: 17144776108970527666
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 22:04:05 GMT

GET
H3-29 200 3944-hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas-696x392.com-698706
all-news.co/wp-content/uploads/2021/07/ 43 KB
43 KB 82ms
80ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/07/3944-hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas-696x392.com-698706
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dec5c0216d293378f7d37f1d2b1033f5315ef1e2c4c3f8790cf5de865826ec7

Request headers

:path: /wp-content/uploads/2021/07/3944-hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas-696x392.com-698706
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jul 2021 11:25:02 GMT
server: cloudflare
etag: "ab13-5c686ca1bc3c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqq2OOQM6gI76%2B2%2FOJ0bCWDOSxvluIpflv8tscn9wtmx4qhQH3yM6jY0tOnu3qMqDt7VVm2G4s%2FxzeHz5raKnJSD4rGNt23et13vf7yB4N%2BRpDEDkzFuKm8t6v42GXG1EEpJRwe7duoGFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 67fdf4d3ec216485-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43795

GET
H2 200 mgid:ao:image:mtv.com:698706
mtv.mtvnimages.com/uri/ 2 KB
2 KB 96ms
29ms Image
image/jpeg 2.16.186.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mtv.mtvnimages.com/uri/mgid:ao:image:mtv.com:698706?width=385&height=217&quality=.05&format=jpg

Requested by

Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

50c7e5ad677f7e2ae070247b996e043261429999a6bf3aa5b0ab86341f4461ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 21:23:02 UTC
cid: 19b27bc9-0894-4a57-98ac-26900ad4315d
etag: "31363238383033333832d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31274365
date: Mon, 16 Aug 2021 22:04:05 GMT
x-status-code: 200
content-length: 2174

GET
H3-29 200 email-decode.min.js Show response
all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 8ms
8ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 10:09:00 GMT
server: cloudflare
etag: W/"6114f33c-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4cKBWqBikyUIPi%2FVo1%2BB81oWp5%2BNfMeXYhTfOAP7C5WImli5sxLu0zcCxUoTYYt3QM7omqJGMLfWUogig1fHPSrWc83dYTZu68gryRMPGIyYQ8G0HfPeU48iFFXPXLznU8qX8gWy7h7%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fdf4d3cc146485-FRA
vary: Accept-Encoding
expires: Wed, 18 Aug 2021 22:04:05 GMT

GET
H3-29 200 underscore.min.js Show response
all-news.co/wp-includes/js/ 19 KB
8 KB 14ms
14ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

:path: /wp-includes/js/underscore.min.js?ver=1.8.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jul 2021 22:16:13 GMT
server: cloudflare
age: 4092
etag: W/"4a84-5c7d1c0601782"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZdTi94I4RPZlN%2FhdTMUdSQV7sAqSaExHzYOw%2FcEn20jzSbD4VGrffTyhxQZOZ9dJGqYxAB4GwjBsglUHsdKktga04VyLrNfYvQEfbBxUuKsmLd0N3zv%2F89DwwQsV2rULJ8VEiXUjHB1%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fdf4d3cc156485-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 js_posts_autoload.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 15ms
13ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=c19aec6a20dc470dea3def4ce71e04d5
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=c19aec6a20dc470dea3def4ce71e04d5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Jul 2021 17:41:18 GMT
server: cloudflare
age: 2541
etag: W/"1428-5c85aba19536c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rpKAcnudegAD5fnBZq8ou8iWAsqSiwWG%2FrsCrUF3iT2pSWJfzt4aq0N13A28QR6g0HCZin0AI9qYViUkinRHWrVIu4Bx0oHyOOlNSu2UVf1bkYXSFbtSrW2kEpUTvTzcNNNI2KQF1TOfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fdf4d3ec196485-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 tagdiv_theme.min.js Show response
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/ 257 KB
60 KB 29ms
27ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.2
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Jul 2021 17:41:10 GMT
server: cloudflare
age: 4092
etag: W/"4029c-5c85ab99edf69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTHk8crciA%2BPZYoTSDotDQvcgJdq71fysLm1NTJuGu3tjWtcfyEWlp3b13n8xCqqB2r1pifTUXpaL26c7Pp%2Frrjj5ejfaAyrjGtZX7zKhKj%2Bwydvea4Sgs%2FXqttDi2YFPudjyA4fTh8aYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fdf4d3ec1a6485-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 comment-reply.min.js Show response
all-news.co/wp-includes/js/ 3 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/comment-reply.min.js?ver=5.8
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 14:30:28 GMT
server: cloudflare
age: 2541
etag: W/"ba8-5c003b4783f65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8camRnPWKI02iBgZ7cgMmN63s%2B9jPFpNkU0eLf29V6mCYQz04bQkW9t3p2w%2BdMSmHY%2BDFj6ZJ6UsOfzyExB2y7%2FoLXyIsGIWzPvN5yqPMjRqWDCX5ARUvQa7g3WAyLwZ1CMs3N2aKfC%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fdf4d3ec1b6485-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 kddsnszlCWqm.js Show response
all-news.co/wp-content/uploads/mQfuTlzSXWhq/ 14 KB
5 KB 15ms
13ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/uploads/mQfuTlzSXWhq/kddsnszlCWqm.js?ver=2.2.3
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df85aac876d06864d10bb0fc5f45c6fa28870ed4eda966f3082d52e42173d962

Request headers

:path: /wp-content/uploads/mQfuTlzSXWhq/kddsnszlCWqm.js?ver=2.2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2541
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 13:36:17 GMT
server: cloudflare
etag: W/"396a-5c0e03aea02a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhM1Vh%2F%2FlZZ78HzixUf7eJvRwEXoj1IujdOrk63tTc6%2BV2CC1QP4y1q3rVe832GFY7%2FiIaZg0b42OLezjCcL6a1rzXzscpjWrlDzWYGQs0aQvNZbQukCxKNk2wW1WjWoZjVC%2BFMkhzHO%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 67fdf4d3ec1c6485-FRA
cf-bgj: minify

GET
H3-29 200 js_files_for_front.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 37 KB
9 KB 20ms
19ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=c19aec6a20dc470dea3def4ce71e04d5
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a22f85f1a257dfe812b91e347ffff79eee4cff5eb89f0b429a32ae1ab96d8adc

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=c19aec6a20dc470dea3def4ce71e04d5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Jul 2021 17:41:18 GMT
server: cloudflare
age: 2541
etag: W/"92cd-5c85aba19536c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FY4o8W2BnIVPeuY0iMEUz92gIS%2F%2BL26xj6YnLLsw5Iv%2F5MleYYEmrvKdVVIjcO9meZdT8TNVTMR%2F894epekpDmlQE6b2zSFpEAqU0LeNgYzUenk9KxntOqkTFaqA43aMT8vnbIAAOGhF5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fdf4d3ec1d6485-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 wp-embed.min.js Show response
all-news.co/wp-includes/js/ 1 KB
1 KB 17ms
16ms Script
application/javascript 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Feb 2021 02:30:35 GMT
server: cloudflare
age: 2541
etag: W/"592-5ba797d0ae3d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeYbec4g4Kr46hpSTCAQBehZaZayCfPrkr1rNKsYSPUsNRfv2iSCffgOV%2BtJZ7tgF09n35WjPoub5mbhSJPJG8BT7t5GnA%2FxXPkK9hfx%2FopQj6hZEpbWBU%2FN7pwyHl2QKZmDM6xXuQ%2Fkyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fdf4d3ec1e6485-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 41ms
23ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b70aa192cf670ffbccd24885ff71e159e03c809b890abe15e74cce9f497dd8e5

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2176
etag: W/"3e792b2dc76a5a063e1c4f30d40ae527"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 67fdf4d3fddd4ea9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 19 Aug 2021 22:04:05 GMT

GET
H2 200 v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR Show response
steadfastsystem.com/ 103 KB
30 KB 232ms
206ms Script
text/javascript 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR

Requested by

Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

d4210180539f850f4d13f09a950b88cf794a39ed47042ff75a09d8bb013d0c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "29a35f1452f71e249a143e45bec885b5207e48dfd1ebd37155060c17bf49e059"
vary: Accept-Encoding, Accept-Language
x-hostname: 0586a9fb
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Mon, 16 Aug 2021 22:04:05 GMT
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 3024
date: Mon, 16 Aug 2021 21:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 16 Aug 2021 23:13:41 GMT

GET
H3-29 200 mobile-bg.jpg
all-news.co/wp-content/uploads/2021/01/ 43 KB
43 KB 13ms
13ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/01/mobile-bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a

Request headers

:path: /wp-content/uploads/2021/01/mobile-bg.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1865
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43847
last-modified: Sat, 30 Jan 2021 22:15:34 GMT
server: cloudflare
etag: "ab47-5ba2575ae8adc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGtpTmeDnrUwyPQC7Zahk4VhzgccI91irv4PjhSXgmU9TpIEkR2OyOVQ5rxh3dphtZhrXJQOXJc9znl6EN4h%2FsC8rO0%2FzKC30jxoE6ELSPm%2BrjPfFOUutJ9rPdbSzpQYwb%2Bh%2B%2BWylb5PGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4d3ec236485-FRA

GET
H3-29 200 newspaper.woff
all-news.co/wp-content/themes/Newspaper/images/icons/ 24 KB
17 KB 15ms
15ms Font
application/font-woff 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11.2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

:path: /wp-content/themes/Newspaper/images/icons/newspaper.woff?19
pragma: no-cache
origin: https://all-news.co
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: all-news.co
referer: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://all-news.co
Referer: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Jul 2021 17:41:03 GMT
server: cloudflare
age: 1865
etag: W/"6120-5c85ab932ee49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChusKZCrQRh683OHPxnTV9d5pxuTUULRml48b9q8tC%2BIeOa4LYAsykFp%2BoKPERXQkkqwFQ4mK%2F%2BJWKGTq8ESGCNHfbJveXDyyV1b22h1eHKRusTVLEiDLWs6QmjdNMuMw8Gs%2F7OehSJZ9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fdf4d3fc246485-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 newspaper-icons.woff
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/ 6 KB
5 KB 14ms
14ms Font
application/font-woff 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
pragma: no-cache
origin: https://all-news.co
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: all-news.co
referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://all-news.co
Referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Jul 2021 17:41:10 GMT
server: cloudflare
age: 1857
etag: W/"1744-5c85ab99da300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bv1IDM%2Bq%2FBb2UVCkKz%2BBCRnq06OIyWl6Hc8BSTqI1ChK43tIBFis0q7ZmFqkeEkaJDnkh11ZF4%2FPml80EnJgs2tCm%2BIKkMD%2FeHdkYT2wFzfolvyyR9pMNndKNYNGXeB8MA29amd64NcFrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67fdf4d3fc256485-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:29:56 GMT
x-content-type-options: nosniff
age: 596049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:29:56 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 573107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 06:52:18 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:00:34 GMT
x-content-type-options: nosniff
age: 587011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 03:00:34 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:29:56 GMT
x-content-type-options: nosniff
age: 596049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:29:56 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:29:56 GMT
x-content-type-options: nosniff
age: 596049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:40 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:29:56 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11.2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:12:52 GMT
x-content-type-options: nosniff
age: 593473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 01:12:52 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1505547935&t=pageview&_s=1&dl=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&ul=en-us&de=UTF-8&dt=Hear%20Miley%20Cyrus%E2%80%99s%20Glam-Rock%20Take%20On%20Cocteau%20Twins%E2%80%99s%20%E2%80%98Heaven%20Or%20Las%20Vegas%E2%80%99%20-%20all-news&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1132578899&gjid=283341846&cid=703857852.1629151445&tid=UA-185019636-1&_gid=1066296990.1629151445&_r=1&_slc=1&z=1276494803

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 22:04:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
93 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95569
x-xss-protection: 0
server: cafe
etag: 15041329415598805064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 22:04:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame 31CE 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210812/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 16 Aug 2021 20:32:15 GMT
expires: Mon, 30 Aug 2021 20:32:15 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 5510
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
82 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-185019636-1&cid=703857852.1629151445&jid=1132578899&gjid=283341846&_gid=1066296990.1629151445&_u=IEBAAEAAAAAAAC~&z=229413310

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 16 Aug 2021 22:04:05 GMT
content-type: text/plain
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 footer_bg.jpg
all-news.co/wp-content/uploads/2021/01/ 105 KB
106 KB 14ms
14ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/01/footer_bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a

Request headers

:path: /wp-content/uploads/2021/01/footer_bg.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1863
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 107441
last-modified: Sat, 30 Jan 2021 22:15:20 GMT
server: cloudflare
etag: "1a3b1-5ba2574d2c0a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuLWFGwDHGElzFsR7tY%2FsgBBidmcmNqLp3Mq1mD%2FXPytUdilFRXZF52LIsC1sfEUVdf%2Br7CdB4Kf99p6E96%2FAzob0E72rZAMwwy8EyxdjDcdryRRt4aaBxakNGj3hfnhVakSwBFHQ65JTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4d66cb26485-FRA

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
657 B 37ms
15ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=all-news.co&callback=_gfp_s_&client=ca-pub-8439024877331049

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

a0df6d9bf8fa59628d843a24805699fd880e27de17515fc0c07ccabe5c2448d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8237 17 KB
5 KB 251ms
250ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1629151445&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445407&bpp=2&bdt=394&idt=125&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=11713751716&frm=20&pv=2&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=180

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fe87bbc0a3d39bfa4c491813a82decb887d72f0130d60f47b3ee1ba56677d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1629151445&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445407&bpp=2&bdt=394&idt=125&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=11713751716&frm=20&pv=2&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=180
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 22:04:05 GMT
server: cafe
content-length: 4943
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 22:19:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 22:04:05 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe4436f1d882b3acd98fb2763984bacd382664582f4918647b89894f46b871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629113446242536"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27733
x-xss-protection: 0
expires: Mon, 16 Aug 2021 22:04:05 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E4F1 430 B
229 B 206ms
205ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=9395189151&adk=3964337409&adf=793176254&pi=t.ma~as.9395189151&w=712&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445410&bpp=1&bdt=396&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OyJU4PhfuW&p=https%3A//all-news.co&dtd=202

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4654c767d415745ec9e324e7b62e532088fe04a961ad5eb21b02487af0f8c08f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=9395189151&adk=3964337409&adf=793176254&pi=t.ma~as.9395189151&w=712&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445410&bpp=1&bdt=396&idt=190&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OyJU4PhfuW&p=https%3A//all-news.co&dtd=202
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 22:04:05 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 22:19:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 22:04:05 GMT
cache-control: private

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
259 B 354ms
30ms Image
image/gif 52.209.141.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.141.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-141-213.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: nginx/1.16.1
age: 14075604
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A075 78 KB
27 KB 223ms
223ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445411&bpp=2&bdt=397&idt=220&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3IWLaCdeLD&p=https%3A//all-news.co&dtd=223

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

918aeda423776a4825396ff8164e3d55cb18f567d5d260a24d06589ea016959c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445411&bpp=2&bdt=397&idt=220&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3IWLaCdeLD&p=https%3A//all-news.co&dtd=223
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 22:04:05 GMT
server: cafe
content-length: 27546
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 22:19:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 22:04:05 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0C90 78 KB
26 KB 311ms
311ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=6103665698&adk=1395125190&adf=3023380478&pi=t.ma~as.6103665698&w=696&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445413&bpp=1&bdt=400&idt=248&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=VTnRSMFL9s&p=https%3A//all-news.co&dtd=252

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4313a9f3aeeb6587530ee137e910d040e9b989c3cd3d3b0c835532cbb6a5565b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=6103665698&adk=1395125190&adf=3023380478&pi=t.ma~as.6103665698&w=696&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445413&bpp=1&bdt=400&idt=248&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=VTnRSMFL9s&p=https%3A//all-news.co&dtd=252
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 22:04:05 GMT
server: cafe
content-length: 26770
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 22:19:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 22:04:05 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 95C4 85 KB
27 KB 410ms
410ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=270&slotname=2591919806&adk=1740259769&adf=3437838863&pi=t.ma~as.2591919806&w=324&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=324x270&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445467&bpp=1&bdt=453&idt=222&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fbfa78b3ae3e481-2249482dadc900d2%3AT%3D1629151445%3ART%3D1629151445%3AS%3DALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=JQtsWfyJTg&p=https%3A//all-news.co&dtd=226

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

335b92fa16caab702639ddc7553c69f5c9d1688d6406113d1718ade8a1eb7f62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=270&slotname=2591919806&adk=1740259769&adf=3437838863&pi=t.ma~as.2591919806&w=324&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=324x270&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445467&bpp=1&bdt=453&idt=222&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fbfa78b3ae3e481-2249482dadc900d2%3AT%3D1629151445%3ART%3D1629151445%3AS%3DALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=JQtsWfyJTg&p=https%3A//all-news.co&dtd=226
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 22:04:06 GMT
server: cafe
content-length: 27832
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 22:19:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 22:04:06 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55D1 430 B
231 B 225ms
225ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=2552174890&adf=470541226&pi=t.aa~a.4009549588~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1629151445&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445861&bpp=1&bdt=847&idt=1&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fbfa78b3ae3e481-2249482dadc900d2%3AT%3D1629151445%3ART%3D1629151445%3AS%3DALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x270&nras=2&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3502&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qrIEedSJiY&p=https%3A//all-news.co&dtd=14

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

473ca240f1238bb32be049d8ddf72100561a03f04169b39bf27d1f0279b1dd25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=2552174890&adf=470541226&pi=t.aa~a.4009549588~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1629151445&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445861&bpp=1&bdt=847&idt=1&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fbfa78b3ae3e481-2249482dadc900d2%3AT%3D1629151445%3ART%3D1629151445%3AS%3DALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg&prev_fmts=0x0%2C712x178%2C696x174%2C696x174%2C324x270&nras=2&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3502&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qrIEedSJiY&p=https%3A//all-news.co&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 22:04:06 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: IDE=AHWqTUmUMHxnSg14Tx2CXvsyryPRGihOLGk6mucFz9SkSa95Lot_DbSwXMIvygSLFxg; expires=Sat, 10-Sep-2022 22:04:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 22:04:06 GMT
cache-control: private

GET
H2 200 5206322134938650087
tpc.googlesyndication.com/simgad/ Frame A075 37 KB
37 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5206322134938650087?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm88v0K8a_j2F3ywQ86rjDeEQWTAw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445411&bpp=2&bdt=397&idt=220&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3IWLaCdeLD&p=https%3A//all-news.co&dtd=223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a84950f98c69dbc5c11fa8e05c8002187a253fe3a3ad99a4da58a6574643706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 21:09:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 11:39:33 GMT
server: sffe
age: 89647
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38007
x-xss-protection: 0
expires: Mon, 15 Aug 2022 21:09:58 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame A075 18 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 21:50:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame A075 2 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 22:00:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A075 124 KB
37 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629113426487594"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38194
x-xss-protection: 0
expires: Mon, 16 Aug 2021 22:04:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame A075 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 21:41:28 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame A075 26 KB
11 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2964eaaa17b81ff911681e57089511c35c7ebbbb8cce98e8c64bad2de197149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10743
x-xss-protection: 0
server: cafe
etag: 8915488205478863544
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:35:17 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A075 0
0 21ms
18ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJNfX1eAaYbP4J4LP7_UPn8uOwAe_8Pn2YuL-7p-TDv_jtY-1ARABIMzT7IIBYJUCoAGVpOiwAcgBAqkCh31WLULCsz6oAwHIA8kEqgT-AU_Q-kJ_2m7GhnZqJxE_lTWfMl3_aLx50egtHM8_Y4TO3J1sxDCk6fAfPTqBeSFqPjOniIAs8npqzMAlBX88tP6f7JNI4pYmy6BOb6_K-p_8UorvQZqSOkRzdBXsA3Yq8AbTvwmL8lWOzcL3V5A6zoxC3QNJHauTRp1KKZRe5FxPpfRbiKakpz1grC2RLzFuoMeV0WQDffnRAYVHXa9domaLpFYH2R6Ma4hqpO0dEFKrLPrMiTRcCReSsGbv_rzVnOY9sd_LPc4IrOXSL3z551XYoocKtbz7vZfCQ6x0edy_qGRkYK5BgOjHvfH2EjXpsPhSNykwarDPu5s_MBSAwAT8uYv5ywOgBgKAB9Pbl88CqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJ6XBNIICQiA4YAQEAEYH4AKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=_Uon6T_IfYA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445411&bpp=2&bdt=397&idt=220&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3IWLaCdeLD&p=https%3A//all-news.co&dtd=223
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 22:04:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Aug 2021 22:04:05 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7E54 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445411&bpp=2&bdt=397&idt=220&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3IWLaCdeLD&p=https%3A//all-news.co&dtd=223
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445411&bpp=2&bdt=397&idt=220&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3IWLaCdeLD&p=https%3A//all-news.co&dtd=223

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 16 Aug 2021 21:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css
fonts.googleapis.com/ Frame 0C90 4 KB
617 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=6103665698&adk=1395125190&adf=3023380478&pi=t.ma~as.6103665698&w=696&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445413&bpp=1&bdt=400&idt=248&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=VTnRSMFL9s&p=https%3A//all-news.co&dtd=252

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 21:41:20 GMT
server: ESF
date: Mon, 16 Aug 2021 22:04:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Aug 2021 22:04:06 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 0C90 1 KB
857 B 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 22:01:31 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 0C90 18 KB
7 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 21:50:01 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 0C90 2 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 22:00:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C90 124 KB
37 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629113426487594"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38194
x-xss-protection: 0
expires: Mon, 16 Aug 2021 22:04:06 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 0C90 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 21:51:39 GMT

GET
H2 200 b0784018e1fbf9b21026a03ef4bd1046.js Show response
www.gstatic.com/mysidia/ Frame 0C90 26 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b0784018e1fbf9b21026a03ef4bd1046.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

357839b656a38b688c109822362a471abf0cfa1c50b94f913e8c141fba7f59bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 18:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10788
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 03:04:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 18:50:12 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0C90 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuomG1eAaYaG4KfrI7_UPs4CDyAL3y7_CZKaXkoidDsbY7cTCIhABIMzT7IIBYJUCoAHOhPD-A8gBBqkCh31WLULCsz6oAwHIA8sEqgT6AU_QRHPg0bRyxgfrZ0tpbcepwwvOqUgp_wxPff8u6fPrhGmSGTrqwja4GN_fFsKr3JnJCVK1OqJMaTrN2TBlTRNy1h_ykbiGMLC81g8pPXnzvpHrY2cj2wo75ZZ-MiZQvF4wY3EvL0Z_XYnZGLs9iiWEYQbyNzMq8FYChPXN7dIr2hprl2XdebWQA2BdDP95LRIBT9Tr0nzX9OPEqvk6Ro572KimApuehaQcqZG3qPZYIxQWkfMBzcKt-fk7OF17vH-QtPTmpUN9G_lJIjmoPnI-w6RmBrEBOtukvixHjJwTQJMfr1owF_x-SxkKJ3k5f-OrRUN1N4ukzi7ABMSv_tDUA6AGN4AHmvuPAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCVtQLSCAkIgOGAEBABGB-ACgHICwHYEwOIFAPQFQGYFgGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=EkMWN-9GxoM&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=6103665698&adk=1395125190&adf=3023380478&pi=t.ma~as.6103665698&w=696&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445413&bpp=1&bdt=400&idt=248&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178%2C696x174&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=2646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=VTnRSMFL9s&p=https%3A//all-news.co&dtd=252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 22:04:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7E54
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkVc6rJalIFhOA4ar5pmiYZhZDmx4W9F0DbIa9lPR0dD0gXEllhhuJB5EfItKo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 16 Aug 2021 22:04:06 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 16-Aug-2021 23:04:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 22:04:06 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 16 Aug 2021 22:04:06 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3579682354797986774/ Frame 0C90 12 KB
12 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3579682354797986774/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732e2d19037e347f87a4992a98ce710c6baeec0f4acd3c38bfa46ea7225d50d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 10:06:38 GMT
x-content-type-options: nosniff
age: 561448
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12747
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 08:01:48 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 10:06:38 GMT

GET
DATA 200
OK truncated
/ Frame A075 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65719beca38fc215272df43b9b4deb6e38be8979b0980020d739aca717692561

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0C90 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df4ba6a4ea45e19fdd92e7b6fbb42101da081d301af28151b2e6294d4dc1d1c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 0C90 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 573108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 06:52:18 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 0C90 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:12:52 GMT
x-content-type-options: nosniff
age: 593474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 01:12:52 GMT

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D17 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 20:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 523120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 20:45:26 GMT

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 264A 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 20:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 523120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 20:45:26 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 95C4 6 KB
668 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=270&slotname=2591919806&adk=1740259769&adf=3437838863&pi=t.ma~as.2591919806&w=324&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=324x270&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445467&bpp=1&bdt=453&idt=222&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fbfa78b3ae3e481-2249482dadc900d2%3AT%3D1629151445%3ART%3D1629151445%3AS%3DALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=JQtsWfyJTg&p=https%3A//all-news.co&dtd=226

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 21:41:12 GMT
server: ESF
date: Mon, 16 Aug 2021 22:04:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Aug 2021 22:04:06 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 95C4 1 KB
857 B 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 22:01:31 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 95C4 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 21:50:01 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 95C4 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 22:00:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95C4 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629113426487594"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38194
x-xss-protection: 0
expires: Mon, 16 Aug 2021 22:04:06 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 95C4 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 21:51:39 GMT

GET
H3-29 200 b0784018e1fbf9b21026a03ef4bd1046.js Show response
www.gstatic.com/mysidia/ Frame 95C4 26 KB
11 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b0784018e1fbf9b21026a03ef4bd1046.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

357839b656a38b688c109822362a471abf0cfa1c50b94f913e8c141fba7f59bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 18:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10788
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 03:04:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 18:50:12 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9722812825122361649/ Frame 95C4 13 KB
13 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9722812825122361649/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323d4d29fcbd57e15745846cd6bf1db48761c8122bbf25815a9e02ef803a8900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 22:00:40 GMT
x-content-type-options: nosniff
age: 86606
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13511
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 16:18:41 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Aug 2022 22:00:40 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12923737684244412338/ Frame 95C4 2 KB
2 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12923737684244412338/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b26dbd9e0b1469f90cc9b4c05ad9974bdf59748279e4554251910fb83d6ef5ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 19:11:02 GMT
x-content-type-options: nosniff
age: 528784
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2470
x-xss-protection: 0
last-modified: Sun, 29 Nov 2020 12:23:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 19:11:02 GMT

GET
DATA 200
OK truncated
/ Frame 95C4 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0312ad5376fa0248eaa064cb09032971612ac283488537c5e22375cd50b90080

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 95C4 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CE2pM1eAaYfGvK5aU7_UPz6qPmAaCw661ZKio8aPoDPzRsrOWDhABIMzT7IIBYJUCoAGSj83KAsgBBqkCh31WLULCsz6oAwHIA8sEqgT-AU_QKGPR-6u-UeooM0Wj_b8YGYP7Hdhm6N0nKzKncyrHOaaA31hL3KymSMCDE9Ch-hxp2T5Jt31EZbujJSYD6iSwV6ritBc3vfw_B4FiOeqYaFobxd3TUDytDkYv5QKUtkAhtXFkAoQG0rKzsO-CqZuXN4k8D_Sw5AWf5m6Om2MEGsZQkhkB5Qkxo3BzjFDovWacRMgpzxXqc1tcCas1GV-yqBprmmRUgZVhJnjWlWvjbrMaSDWn1rUIEUTX7kGzg1Cr7rAtShXDdDlvoqnV6_PwpIcWgnxIHu1IHZnp4oq-iYxeezQCIETEkBtVzlj8ZLWD_e1Yc85zSUKtLBWFwAT71o3hwQOgBjeAB6b_tLUBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEPO7BNIICQiI4YAQEAEYH4AKAcgLAdgTA4gUAdAVAYAXAbIXHAoaCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=UYqwoSrPqkg&uach_m=[UACH]&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=270&slotname=2591919806&adk=1740259769&adf=3437838863&pi=t.ma~as.2591919806&w=324&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=324x270&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445467&bpp=1&bdt=453&idt=222&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fbfa78b3ae3e481-2249482dadc900d2%3AT%3D1629151445%3ART%3D1629151445%3AS%3DALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=JQtsWfyJTg&p=https%3A//all-news.co&dtd=226
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 22:04:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 95C4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 288d008903a98300e7cd9ccd3eb1cc6ee960e49523d9860e808e0da832842916

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 95C4 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:12:52 GMT
x-content-type-options: nosniff
age: 593474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 01:12:52 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 95C4 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 08:57:53 GMT
x-content-type-options: nosniff
age: 565573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 08:57:53 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 95C4 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 573108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 06:52:18 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 27ms
27ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d2b468b33538e220aab3fe713b10473b00d10555c9e1bb1b4c7f0e3b9a31af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 22:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8458
x-xss-protection: 0

GET
H3-29 200 4476-rams-ben-skowronek-suffers-fractured-forearm-324x400.jpg
all-news.co/wp-content/uploads/2021/08/ 24 KB
25 KB 19ms
19ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4476-rams-ben-skowronek-suffers-fractured-forearm-324x400.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5e5b967dc86ee24bf220bd0e25844232b9e49e29b48b3d44cde6a8236971e8d

Request headers

:path: /wp-content/uploads/2021/08/4476-rams-ben-skowronek-suffers-fractured-forearm-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1858
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24887
last-modified: Mon, 16 Aug 2021 20:24:43 GMT
server: cloudflare
etag: "6137-5c9b2fdd0770b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2Fw7fb7Vmt6%2FUt7Fr9Pzau08mBvQ%2Bi4jaAuxcf6kKtwkT0epJAQAt3m%2BrhOA%2F40rpSbs3j1kBwpIKB0PDK2a47weOJWLTRIp8j5ofCaRNsrqqYSwJwXrsDWFny5Sbk6Cki52LVS%2Brhg3qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4db9da46485-FRA

POST
H2 200 v2tuwFJ8kPw9y_HVvirdJZQ9OWy6G4Y8Cgb4aQ0gRN6S89ZknGjR-RTb7yXb0Du8LPBOuC4tGuMzX53-whXyNQk19bULmVRFrijKqPq-UvRlGz59CDSDBELaZSUAuI4ffxZ6lxBTGeEO4 Show response
steadfastsystem.com/ 216 B
610 B 41ms
16ms Fetch
application/json 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2tuwFJ8kPw9y_HVvirdJZQ9OWy6G4Y8Cgb4aQ0gRN6S89ZknGjR-RTb7yXb0Du8LPBOuC4tGuMzX53-whXyNQk19bULmVRFrijKqPq-UvRlGz59CDSDBELaZSUAuI4ffxZ6lxBTGeEO4

Requested by

Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

b6306c16271b491ddd5efe0ed65cf4892d0133ce81a56a38128bd9e5f11ed0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Mon, 16 Aug 2021 22:04:06 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 0586a9fb
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Mon, 16 Aug 2021 22:04:05 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 16 Aug 2021 22:04:06 GMT

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B6A2 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 20:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 523120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 20:45:26 GMT

GET
H3-29 200 4468-watch-pogba-produces-brilliant-skill-while-sat-on-the-floor-324x400.jpg
all-news.co/wp-content/uploads/2021/08/ 24 KB
25 KB 14ms
14ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4468-watch-pogba-produces-brilliant-skill-while-sat-on-the-floor-324x400.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a11371c3bdebb6e431995c3da35a37aa2dfecbfb09c5694b4cf0ce30a6fcbd8

Request headers

:path: /wp-content/uploads/2021/08/4468-watch-pogba-produces-brilliant-skill-while-sat-on-the-floor-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1858
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24952
last-modified: Mon, 16 Aug 2021 09:24:39 GMT
server: cloudflare
etag: "6178-5c9a9c53f3611"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gr95k6vOj%2B8D6Wsn6hl9KzyER88vh9Gu0tQ7pG1SZ4ieJD6NYPMBB88EWcEIaXL5LrCZ199%2Fu2L84NAJ5yUxHalh8bah%2FiOIggcfInY9%2F%2BTgSj2aAVJZT5ILjMlb6BGjRHkEjjXopCcPJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4dbbdae6485-FRA

GET
H3-29 200 4464-miami-dolphins-resting-some-starters-against-chicago-bears-324x400.png
all-news.co/wp-content/uploads/2021/08/ 225 KB
226 KB 21ms
21ms Image
image/png 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4464-miami-dolphins-resting-some-starters-against-chicago-bears-324x400.png
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 290ad73c1256fa8d711b48a4a0482e6a24f996d9851294b0b5d91b2da3768091

Request headers

:path: /wp-content/uploads/2021/08/4464-miami-dolphins-resting-some-starters-against-chicago-bears-324x400.png
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1858
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 230908
last-modified: Sun, 15 Aug 2021 20:24:39 GMT
server: cloudflare
etag: "385fc-5c99edfc4336a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gklp02hI200LxDkj0lVTTTrqD7gc9xol1FZuzRYidXl%2FHZSfhSdrKtlGSTk6IeE4GUgSemeDWNzfnA45CBMyCU3v2mfIBAv3h57ejZCQP0pgeD7D2HRK%2FEx4hcM1it0hj5alBDRWs4Xd8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4dc2dc16485-FRA

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 89B5 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 16 Aug 2021 17:09:25 GMT
expires: Tue, 16 Aug 2022 17:09:25 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17681
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A43 783 B
532 B 27ms
25ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3cb2e3e7ee97a890fb78fc1ba62ebd6b30d38eb4f8915d03dc833c83651a2001

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y4EurI2e2ka7615t4bEYNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

expires: Mon, 16 Aug 2021 22:04:06 GMT
date: Mon, 16 Aug 2021 22:04:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-y4EurI2e2ka7615t4bEYNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 4458-comparing-odegaard-and-smith-rowes-arsenal-stats-in-2020-21-324x400.jpg
all-news.co/wp-content/uploads/2021/08/ 24 KB
25 KB 17ms
17ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4458-comparing-odegaard-and-smith-rowes-arsenal-stats-in-2020-21-324x400.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11152c83d6bfa2e94977221ddb9b42e599670e967447ff14cdea0fb220df58fa

Request headers

:path: /wp-content/uploads/2021/08/4458-comparing-odegaard-and-smith-rowes-arsenal-stats-in-2020-21-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1858
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24932
last-modified: Sun, 15 Aug 2021 17:24:47 GMT
server: cloudflare
etag: "6164-5c99c5c7a732a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YbQfLiDrLwo94rB%2FX7QKy2SpF6oxl0%2Bcc78LvX6DlrFRJ3aKkNaUSDghMd9Iv3aafyck43J0aI4uymSqaevxk6HvnmyOQH%2BMkyBHSD4GskhjAyp1Tu6FFlPRod2oHS2il2agH5rISt9RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4dc3dc46485-FRA

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 89B5 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 20:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 523120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 20:45:26 GMT

GET
H3-29 200 4476-rams-ben-skowronek-suffers-fractured-forearm-696x361.jpg
all-news.co/wp-content/uploads/2021/08/ 31 KB
32 KB 18ms
12ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4476-rams-ben-skowronek-suffers-fractured-forearm-696x361.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aacbbb135ca5fe66535f3c4915110bbe898f5bffab7fae8f2294abbc9af004c8

Request headers

:path: /wp-content/uploads/2021/08/4476-rams-ben-skowronek-suffers-fractured-forearm-696x361.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31786
last-modified: Mon, 16 Aug 2021 20:24:43 GMT
server: cloudflare
etag: "7c2a-5c9b2fdd1ea24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNl9X5OZ6dWuAPjVZ49z1QOlKJAxXtygmBVBfmRUVIuJUVg5jcrDVG%2FCvd%2Fynibxb7YiiNagJIl2I1rZxPl9LGGEMNJD5VxU9Xru5na1g8vMJuquc3PmSa7QOGuNI7LlREEiIrk%2FGXnWFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4dc7dcf6485-FRA

GET
H3-29 200 4474-new-wildfire-tactic-help-people-flee-696x464.jpg
all-news.co/wp-content/uploads/2021/08/ 90 KB
90 KB 20ms
20ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4474-new-wildfire-tactic-help-people-flee-696x464.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 859c289b700f79df4a9c5f1daddeb52f0c56b983135a8ab60fdf3ff4ccb779ef

Request headers

:path: /wp-content/uploads/2021/08/4474-new-wildfire-tactic-help-people-flee-696x464.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 91771
last-modified: Mon, 16 Aug 2021 17:24:47 GMT
server: cloudflare
etag: "1667b-5c9b07a5d72ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXpBG4wEUsmPNysVDFSYTvmJ0bLFEvq41Z0XmJroKaz6l%2BwU21E3CqLr0m6edxFLafBI3NFILory7FYxejfRx6gWTMBEL23WA9NUJKph8j6G6By0S4TcnIyjL8FbCcilEl6FyxpQ0XWKYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4dc9dd46485-FRA

GET
H3-29 200 4472-probiotic-cocktail-help-corals-boost-to-survive-the-heat-696x392.jpg
all-news.co/wp-content/uploads/2021/08/ 82 KB
83 KB 17ms
17ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4472-probiotic-cocktail-help-corals-boost-to-survive-the-heat-696x392.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c697678875509b5b37545562c6474f97562200da28a73564b933dddd27412db

Request headers

:path: /wp-content/uploads/2021/08/4472-probiotic-cocktail-help-corals-boost-to-survive-the-heat-696x392.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 84360
last-modified: Mon, 16 Aug 2021 14:25:44 GMT
server: cloudflare
etag: "14988-5c9adfa0684a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qik0y3cAWT5FJq6pEB39azTfuLOC%2BUlbQ3F8QdHW9PEChUhvbdxBYZjMpTbtsLKcLDiuEaTnTNRZatiEIerggX9PR%2FfrPoWiZsAboQ08Dmylxq9T2UW4FfxEgNH2y%2BZKPHP69PqegY1rbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4dcddde6485-FRA

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=351835942752610&bg=!e3ileDzNAAZvV8FTb1c7ACkAdvg8WvK8WZsrj94omW2729a-JGOeL7B52MeKVYstyoBeZ-bbhcR3AwIAAABMUgAAAAhoAQcKARXKHQw7E-PRpCIVv-mQG9r7_Mep5v5RmhA2ESxcV36oWJuQzGvz_tUU8vr7CfJb0xE9svxZ2SmF-lxnByn6gJCoXcHfyHCBB3X6-Vb4YXLsznKpGXRAVjmwz92MKzZEMH2fkXwHQd82QeX5HAjxzL5DP-01P2L8SkN5sPtStULst7j1KudoFgWzPlGn96s5eKudA-y7jN9lruZWaz27l0JF_LSCrbyr0l2_7OP9c8NQM2EPE98AfEZDNUqP6uRDBAeVbk4dfAsNHslNG-ueKBKDQKscEKv6gURphP1UPEjJe3dLs8QNrG1OzhuR0Gp5XjuWoqSu0uC6PNVAwvVcw8B-vZSvySjF84blr_LgM4xzyj1V-srwmQJ2mmw2glz5jS8bFKJ-yTyjbb0r-ynLmfQ9KEPGpKzo4pnx5cdi2WC92OfC4_t1Fzc0IhkSt13p1sqfhMugUhQ1m7X_Y5zSzscsjfxdixyup1cP_UbtQY9HWv4GJGM5htUWmXPY40yg3mFOQb-_vT8Zfq6dmITB2wQJpTeFAhcjXCawyIvrXrKUY6MbhFQvxxFyGm2cOe8etJizQwihZV_eqgCY4d-fYrtZgTYSjRYry6ZPFqdTXsauBj3ZhxwZb2f4McrzsrjiJAsMdIgPQ_Vh9wcsxgnFgpsiBfVECVrvLLPHgYXIdQbgSelxJ1i1s9ddNHgjuin66nkDru1cVlrPSlYX2JKaUFJ8lggDY-FmImnI2jAEmNA5mC4Jyb9NRqdVQjkGxj78RZTgDFT4NwHMmyJdel-wdOn0oOnV1EPJAyYCLXj9nHvuWnQMtSJ-ZZCZKMuuJ9X4afhJxRDRRAQX_VvGV_JjQazt96U9V_x2aCm7USVwlarIY9bfz2VioHoGh6EPDOVLmYfCcDOUAff9u-Nc7owS7WzXXtMN77tZ3yqq6VjNkPr2H_2xMQNzhMq4-qyfWNrJcjcDZgPMSFnHmEnYssOxuAI4f0zlf3ho0VIXCVBYkDC3CDfklnzAvzQJBbX9E5m1l40oFTdf9hY2b7vSRJJML3xnk7FNWYmZCN4lPi8Z1THAG6T0MLSWbZPfs2p-uY5E8p3sdUxEOwAKAzdmHeMhOlXNs7uUojzdYOaXkm08jHO0g1FOJJyBj9vTu0vR1R7NMDmPYVnlp-lp_LVKfQlDIjmRfw4Le_v_cgnhag_lCDs-FGD-etMcj7lPRKLE-JrT

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 22:04:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 4470-congress-leader-sushmita-dev-quits-was-chief-of-partys-womens-wing.jpg
all-news.co/wp-content/uploads/2021/08/ 29 KB
30 KB 23ms
18ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4470-congress-leader-sushmita-dev-quits-was-chief-of-partys-womens-wing.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a74a1d91eca7a438dd3aaa7c6237944974b7ef79b45e5379a63d37bac1e0bc1

Request headers

:path: /wp-content/uploads/2021/08/4470-congress-leader-sushmita-dev-quits-was-chief-of-partys-womens-wing.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 29977
last-modified: Mon, 16 Aug 2021 10:24:40 GMT
server: cloudflare
etag: "7519-5c9aa9be1e2ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2WyH0wyTHsQF25fT11Prf986f3uuRIYfVkvoROoSfwBx3dOy2w7WkzdxPFKeBsdZ6Q2Nv6itejvlxQQ85IwDV9y6QkYmXCFYWwNAcIK741ziFUYzAS98aILTNKjlahBjd3tPnv0cPctcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4dd2dea6485-FRA

GET
H3-29 200 4476-rams-ben-skowronek-suffers-fractured-forearm-696x361.jpg
all-news.co/wp-content/uploads/2021/08/ 31 KB
32 KB 14ms
14ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4476-rams-ben-skowronek-suffers-fractured-forearm-696x361.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aacbbb135ca5fe66535f3c4915110bbe898f5bffab7fae8f2294abbc9af004c8

Request headers

:path: /wp-content/uploads/2021/08/4476-rams-ben-skowronek-suffers-fractured-forearm-696x361.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31786
last-modified: Mon, 16 Aug 2021 20:24:43 GMT
server: cloudflare
etag: "7c2a-5c9b2fdd1ea24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8e%2FYJMwieh9%2FA%2FcZtOT4VXyZVddnnRNv%2FVCmFnJnr37ZWSidixx0owPe3eY21nJKAXqO%2Baa3nEqwBQQULAwaKsJayAYegf%2BndIdbQhlYBBwvI9buEXRnacfFiVqSi6EBYtHfUOo6p0YisA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4dd2dec6485-FRA

GET
H3-29 200 4474-new-wildfire-tactic-help-people-flee-696x464.jpg
all-news.co/wp-content/uploads/2021/08/ 90 KB
90 KB 16ms
16ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4474-new-wildfire-tactic-help-people-flee-696x464.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 859c289b700f79df4a9c5f1daddeb52f0c56b983135a8ab60fdf3ff4ccb779ef

Request headers

:path: /wp-content/uploads/2021/08/4474-new-wildfire-tactic-help-people-flee-696x464.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 91771
last-modified: Mon, 16 Aug 2021 17:24:47 GMT
server: cloudflare
etag: "1667b-5c9b07a5d72ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOf8tx%2Fk78%2FDO6dki9aS2j2Cmxp4CAxEATNOQTUXbIb1pkUIllTyPNXrRveAif3gT%2ByhkND4%2FvCKJ6CafEU%2Bzhn%2F%2Bk60Z0aNJ94zvkd1T09vLlm2VdttCqsYHieN1W0i1tUUD2vGOo7kwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4dd5df26485-FRA

GET
H3-29 200 4472-probiotic-cocktail-help-corals-boost-to-survive-the-heat-696x392.jpg
all-news.co/wp-content/uploads/2021/08/ 82 KB
83 KB 44ms
43ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4472-probiotic-cocktail-help-corals-boost-to-survive-the-heat-696x392.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c697678875509b5b37545562c6474f97562200da28a73564b933dddd27412db

Request headers

:path: /wp-content/uploads/2021/08/4472-probiotic-cocktail-help-corals-boost-to-survive-the-heat-696x392.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 84360
last-modified: Mon, 16 Aug 2021 14:25:44 GMT
server: cloudflare
etag: "14988-5c9adfa0684a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlqDdHGiD%2BqhW9yCi8aXyAjqo3a6r1i7X7RFikKCwvO2y2D5l73oj7CU0fgaXa78MvHC5gBx6e3HwaHUleFoVKMRLEgmSF%2FgZOoNeGZCGMawl8l0mI25pSOtd0frh9ryT88ORjRQ2YgbuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4dd6df56485-FRA

GET
H3-29 200 4470-congress-leader-sushmita-dev-quits-was-chief-of-partys-womens-wing.jpg
all-news.co/wp-content/uploads/2021/08/ 29 KB
30 KB 19ms
17ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4470-congress-leader-sushmita-dev-quits-was-chief-of-partys-womens-wing.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a74a1d91eca7a438dd3aaa7c6237944974b7ef79b45e5379a63d37bac1e0bc1

Request headers

:path: /wp-content/uploads/2021/08/4470-congress-leader-sushmita-dev-quits-was-chief-of-partys-womens-wing.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 29977
last-modified: Mon, 16 Aug 2021 10:24:40 GMT
server: cloudflare
etag: "7519-5c9aa9be1e2ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uJjjArWqvn0%2FkB6FsqAGB271DiN69M%2BFNHfukhKXODLFoane3u8qh5cPmbOm5zsk8ZaeUMvv4v6pACvo4AHaYsToHx%2BZz8FzteOgutQm3SigQ%2FjEYDDRC8fFypYx%2FRa6GAeSgNIY2Kp2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4ddadfd6485-FRA

GET
H3-29 200 4472-probiotic-cocktail-help-corals-boost-to-survive-the-heat-696x392.jpg
all-news.co/wp-content/uploads/2021/08/ 82 KB
83 KB 14ms
13ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4472-probiotic-cocktail-help-corals-boost-to-survive-the-heat-696x392.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c697678875509b5b37545562c6474f97562200da28a73564b933dddd27412db

Request headers

:path: /wp-content/uploads/2021/08/4472-probiotic-cocktail-help-corals-boost-to-survive-the-heat-696x392.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 84360
last-modified: Mon, 16 Aug 2021 14:25:44 GMT
server: cloudflare
etag: "14988-5c9adfa0684a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9B1Hz2OOVpC4Ixoj4GLnOQ2WMbKwo3jZgGs7jVcEglz5BJo%2FtwqczVVLLMUnlsCCadaqkn1cl7tXXwVh7oONRBh6An2xbe%2F05POaK8i5aXV9B%2BMvSiDjaTOWgHM1S0NasLHVwhUCiQAhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4de0e126485-FRA

GET
H3-29 200 4472-probiotic-cocktail-help-corals-boost-to-survive-the-heat-696x392.jpg
all-news.co/wp-content/uploads/2021/08/ 82 KB
83 KB 18ms
18ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4472-probiotic-cocktail-help-corals-boost-to-survive-the-heat-696x392.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c697678875509b5b37545562c6474f97562200da28a73564b933dddd27412db

Request headers

:path: /wp-content/uploads/2021/08/4472-probiotic-cocktail-help-corals-boost-to-survive-the-heat-696x392.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 84360
last-modified: Mon, 16 Aug 2021 14:25:44 GMT
server: cloudflare
etag: "14988-5c9adfa0684a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxMtX8Vg8rhFpNkUdSfifkldlOxKn%2Bf5zcKpl1An%2FzhwNv6mtOq0O9TTCbUOMcVzVwkwAi3aB8p5uBRzFu7Ggoq35iDRtQjZwo0ohG8dAT5to1pPlrq2cnjA2n8EPvBw0HXILRwygsrAQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4de3e186485-FRA

GET
H3-29 200 4470-congress-leader-sushmita-dev-quits-was-chief-of-partys-womens-wing.jpg
all-news.co/wp-content/uploads/2021/08/ 29 KB
30 KB 13ms
13ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4470-congress-leader-sushmita-dev-quits-was-chief-of-partys-womens-wing.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a74a1d91eca7a438dd3aaa7c6237944974b7ef79b45e5379a63d37bac1e0bc1

Request headers

:path: /wp-content/uploads/2021/08/4470-congress-leader-sushmita-dev-quits-was-chief-of-partys-womens-wing.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 29977
last-modified: Mon, 16 Aug 2021 10:24:40 GMT
server: cloudflare
etag: "7519-5c9aa9be1e2ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jg%2BbaGv7BncMcNJcjXiBBMmfPEAROVLQwm%2BgrbdJ0jNilVxpnwTIDo%2FI50twds7guLRXkQdnIw5Q8m0ckk0KmnK78kpi5wBum%2BkTqsAHkFxUxsFPfVOWKXGdIYRDQQ7sK1N%2F3mNMV7ERww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4de5e206485-FRA

POST
H3-29 200 admin-ajax.php Show response
all-news.co/wp-admin/ 0
737 B 326ms
325ms XHR
text/html 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://all-news.co/wp-admin/admin-ajax.php

Requested by

Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.25

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://all-news.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
content-length: 51
:path: /wp-admin/admin-ajax.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-edge-cache: cache,platform=wordpress
date: Mon, 16 Aug 2021 22:04:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.25
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syO4uZBxCd5luIyWiFyFpq3qIL3z6fbjCHWA3x4TWX%2FT2jCjlwYsZDG03%2BhGJWKDrCpSwfp%2BDhyJFppR855iP%2B2cVLsILELCgtZo2o4MH1RNMHBEWeLP9TsnnQb%2FO%2Bwf2C7P%2FXfmEnIX5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://all-news.co
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 67fdf4debe336485-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A075 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC58B1eAaYbP4J4LP7_UPn8uOwAe_8Pn2YuL-7p-TDv_jtY-1ARABIMzT7IIBYJUCoAGVpOiwAcgBAqkCh31WLULCsz6oAwGqBP4BT9D6Qn_absaGdmonET-VNZ8yXf9ovHnR6C0czz9jhM7cnWzEMKTp8B89OoF5IWo-M6eIgCzyemrMwCUFfzy0_p_sk0jilibLoE5vr8r6n_xSiu9BmpI6RHN0FewDdirwBtO_CYvyVY7NwvdXkDrOjELdA0kdq5NGnUoplF7kXE-l9FuIpqSnPWCsLZEvMW6gx5XRZAN9-dEBhUddr12iZoukVgfZHoxriGqk7R0QUqss-syJNFwJF5KwZu_-vNWc5j2x38s9zgis5dIvfPnnVdiihwq1vPu9l8JDrHR53L-oZGRgrkGA6Me98fYSNemw-FI3KTBqsM-7mz8wFIDABPy5i_nLA6AGAoAH09uXzwKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQnpcE0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=qpZxYOL9CNc&vt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=174&slotname=9637193975&adk=1134260940&adf=405147968&pi=t.ma~as.9637193975&w=696&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445411&bpp=2&bdt=397&idt=220&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C712x178&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3IWLaCdeLD&p=https%3A//all-news.co&dtd=223
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 22:04:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A075 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHqB_t7EQJJgP-WiqJmYJRt3UKEGDW_i9GtCjVh6rJKZQgi5X63AtM3fJ641HGHcZYi3blh6YhDsd-cxSUDlpJW_Lmcq3rXXIm-s_yhB3Qxmp2dwGzdg3gEQntKQ&sai=AMfl-YRZ2YCFOPY7iOPfCXTKdT7Mo-WzC8a5jYOgFiZowoIVTAKu8qV5aHBM-7gSupdVYRD-7SvgYyLBlJW7&sig=Cg0ArKJSzG0yEOxno0HZEAE&id=lidar2&mcvt=1000&p=1039,266,1213,941&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210816&bin=7&avms=nio&bs=0,0&mc=0.92&if=1&app=0&itpl=4&adk=1134260940&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629151445635&dlt=273&rpt=407&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 22:04:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 4476-rams-ben-skowronek-suffers-fractured-forearm-324x400.jpg
all-news.co/wp-content/uploads/2021/08/ 24 KB
25 KB 16ms
15ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4476-rams-ben-skowronek-suffers-fractured-forearm-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5e5b967dc86ee24bf220bd0e25844232b9e49e29b48b3d44cde6a8236971e8d

Request headers

:path: /wp-content/uploads/2021/08/4476-rams-ben-skowronek-suffers-fractured-forearm-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1859
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24887
last-modified: Mon, 16 Aug 2021 20:24:43 GMT
server: cloudflare
etag: "6137-5c9b2fdd0770b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnpGRTi5rfRfNs49bLzKS86Eg9slHg89oQb6o94EbtClAr4eTNYzRRjCSYSMIh1i32zJFDILdBKkarE0ZjFjGrOw68G%2BiVPlYUGH0SPAUojY2mlxUVVhjixhSgL1Dn8jZFZW0XtFINxF3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4e0ce7f6485-FRA

GET
H3-29 200 4468-watch-pogba-produces-brilliant-skill-while-sat-on-the-floor-324x400.jpg
all-news.co/wp-content/uploads/2021/08/ 24 KB
25 KB 28ms
27ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4468-watch-pogba-produces-brilliant-skill-while-sat-on-the-floor-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a11371c3bdebb6e431995c3da35a37aa2dfecbfb09c5694b4cf0ce30a6fcbd8

Request headers

:path: /wp-content/uploads/2021/08/4468-watch-pogba-produces-brilliant-skill-while-sat-on-the-floor-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1859
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24952
last-modified: Mon, 16 Aug 2021 09:24:39 GMT
server: cloudflare
etag: "6178-5c9a9c53f3611"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ps3X2y5wp3R3Nl%2BrGRQBUNviNo0PpbQf02qBqQaNcM6VZLjmqmgGEskxn8pDspofjEmRn8Y32SvmlJ2EXjqDMIIbiA%2BFVZtsVRdUB1IEplj%2B%2F3l0XgSVyE6cj%2BM2IEGC3u080bkN3qh4mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4e0ce806485-FRA

GET
H3-29 200 4464-miami-dolphins-resting-some-starters-against-chicago-bears-324x400.png
all-news.co/wp-content/uploads/2021/08/ 225 KB
226 KB 20ms
20ms Image
image/png 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4464-miami-dolphins-resting-some-starters-against-chicago-bears-324x400.png
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 290ad73c1256fa8d711b48a4a0482e6a24f996d9851294b0b5d91b2da3768091

Request headers

:path: /wp-content/uploads/2021/08/4464-miami-dolphins-resting-some-starters-against-chicago-bears-324x400.png
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1859
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 230908
last-modified: Sun, 15 Aug 2021 20:24:39 GMT
server: cloudflare
etag: "385fc-5c99edfc4336a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CetD9LKWbGhI99Ej2651KMZR%2FCG63usX61YdTe7rSAr1WsiV9xxAZd9K8KhE%2FovL%2FLHgb%2Bcu%2FFtfmbNWpp61tyeksPfUilr%2FaBvDJnElgDp1lw06bGFL%2BMwz3J1XDiGDuPqGFOm3Ralvkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4e0ce816485-FRA

GET
H3-29 200 4458-comparing-odegaard-and-smith-rowes-arsenal-stats-in-2020-21-324x400.jpg
all-news.co/wp-content/uploads/2021/08/ 24 KB
25 KB 12ms
12ms Image
image/jpeg 2606:4700:3030::6815:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/08/4458-comparing-odegaard-and-smith-rowes-arsenal-stats-in-2020-21-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11152c83d6bfa2e94977221ddb9b42e599670e967447ff14cdea0fb220df58fa

Request headers

:path: /wp-content/uploads/2021/08/4458-comparing-odegaard-and-smith-rowes-arsenal-stats-in-2020-21-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.703857852.1629151445; _gid=GA1.2.1066296990.1629151445; _gat=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; __gads=ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg; _awl=2.1629151446.0.4-b1903e3f-2b87f75b09dba22c55124c64b236edbb-6763652d6575726f70652d7765737431-611ae0d6-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/hear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:04:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1859
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24932
last-modified: Sun, 15 Aug 2021 17:24:47 GMT
server: cloudflare
etag: "6164-5c99c5c7a732a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNXdczIqXyGMhtZYEHyRKjce4as9TAG71%2F6qClijWld2bhE8xuIVyC57yMOgZqSp8o%2BqOVFxYiA4gaR62U0%2BY4oEyM9KQPNK3KWHu7dttuC4%2FuoRvfhhkw4W6WmgQYpt9ga0pOqJEGoJ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67fdf4e0ce826485-FRA

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 95C4 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWwMs1eAaYfGvK5aU7_UPz6qPmAaCw661ZKio8aPoDPzRsrOWDhABIMzT7IIBYJUCoAGSj83KAsgBBqkCh31WLULCsz6oAwGqBP4BT9AoY9H7q75R6igzRaP9vxgZg_sd2Gbo3ScrMqdzKsc5poDfWEvcrKZIwIMT0KH6HGnZPkm3fURlu6MlJgPqJLBXquK0Fze9_D8HgWI56phoWhvF3dNQPK0ORi_lApS2QCG1cWQChAbSsrOw74Kpm5c3iTwP9LDkBZ_mbo6bYwQaxlCSGQHlCTGjcHOMUOi9ZpxEyCnPFepzW1wJqzUZX7KoGmuaZFSBlWEmeNaVa-NusxpINafWtQgRRNfuQbODUKvusC1KFcN0OW-iqdXr8_CkhxaCfEge7Ugdmeniir6JjF57NAIgRMSQG1XOWPxktYP97VhzznNJQq0sFYXABPvWjeHBA6AGN4AHpv-0tQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ87sE0ggJCIjhgBAQARgfgAoByAsB2BMDiBQB0BUBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=KmNMhzCQfbE&vt=1&template_id=492&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=270&slotname=2591919806&adk=1740259769&adf=3437838863&pi=t.ma~as.2591919806&w=324&fwrn=4&lmt=1629151445&rafmt=11&psa=0&format=324x270&url=https%3A%2F%2Fall-news.co%2Fhear-miley-cyruss-glam-rock-take-on-cocteau-twinss-heaven-or-las-vegas%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629151445467&bpp=1&bdt=453&idt=222&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fbfa78b3ae3e481-2249482dadc900d2%3AT%3D1629151445%3ART%3D1629151445%3AS%3DALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg&prev_fmts=0x0%2C712x178%2C696x174%2C696x174&nras=1&correlator=11713751716&frm=20&pv=1&ga_vid=703857852.1629151445&ga_sid=1629151446&ga_hid=1505547935&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061486%2C20211866%2C31062297&oid=3&pvsid=351835942752610&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=JQtsWfyJTg&p=https%3A//all-news.co&dtd=226
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 22:04:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 95C4 42 B
64 B 23ms
22ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulBtx8dsGWNwM79NHKRfeNGFyHtn3upirQRtcxloSz8SJ-T1Z8F90yhbIKjGYBEhSkcNs9ofygT8hln2lfCCtJfj8ffysNEmKBK1pPV4YWoNd04tr55Z3NmqyvZyVWrvYUyCGUpTTmMI3fZCkGi3NL&sai=AMfl-YQp_rf5DBB0HiMqQjLM2VDIr4gQ82Au3cJaFw_oV8JLR2MsCLwVhOGBjnYVPETxOfcLin79dehQPEIZE-Qj6AIwv0MxfI7on2AooN7HtN_WgAIwcT24MWVYjIdeGQY&sig=Cg0ArKJSzJxfiZ7WI80rEAE&id=lidar2&mcvt=1000&p=342,1010,612,1334&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210816&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1740259769&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629151445693&dlt=464&rpt=601&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 22:04:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:32:32	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 20:32:35	Name: DSID Value: NO_DATA
.all-news.co/	1970-01-20 05:54:07	Name: __gads Value: ID=4fbfa78b3ae3e481-2249482dadc900d2:T=1629151445:RT=1629151445:S=ALNI_MaGVwi7p5ud2j_EIoeFbuzWx1Bytg
.doubleclick.net/	1970-01-20 05:54:07	Name: IDE Value: AHWqTUmUMHxnSg14Tx2CXvsyryPRGihOLGk6mucFz9SkSa95Lot_DbSwXMIvygSLFxg
all-news.co/	1970-01-20 05:18:07	Name: cookielawinfo-checkbox-non-necessary Value: yes
.all-news.co/	1970-01-19 20:33:57	Name: _gid Value: GA1.2.1066296990.1629151445
all-news.co/	1970-01-20 05:18:07	Name: cookielawinfo-checkbox-necessary Value: yes
.all-news.co/	1970-01-19 20:32:31	Name: _gat Value: 1
.all-news.co/	1970-01-20 14:03:43	Name: _ga Value: GA1.2.703857852.1629151445

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.bewanted.com
adservice.google.com
adservice.google.de
all-news.co
bit.ly
cdn.onesignal.com
diabani.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mtv.mtvnimages.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.adsafeprotected.com
stats.g.doubleclick.net
steadfastsystem.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
151.106.5.114
167.89.123.124
2.16.186.184
216.58.212.162
2606:4700:3030::6815:36b
2606:4700::6812:e134
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:803::2004
2a00:1450:4001:803::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9d
35.190.90.202
52.209.141.213
67.199.248.11
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
0312ad5376fa0248eaa064cb09032971612ac283488537c5e22375cd50b90080
0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e
0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
11152c83d6bfa2e94977221ddb9b42e599670e967447ff14cdea0fb220df58fa
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
288d008903a98300e7cd9ccd3eb1cc6ee960e49523d9860e808e0da832842916
290ad73c1256fa8d711b48a4a0482e6a24f996d9851294b0b5d91b2da3768091
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574
2d8bbdad63dfa9d8207659a5a5ec89b9500a5acbfef24047e4309de581185ff1
323d4d29fcbd57e15745846cd6bf1db48761c8122bbf25815a9e02ef803a8900
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
335b92fa16caab702639ddc7553c69f5c9d1688d6406113d1718ade8a1eb7f62
357839b656a38b688c109822362a471abf0cfa1c50b94f913e8c141fba7f59bf
3a11371c3bdebb6e431995c3da35a37aa2dfecbfb09c5694b4cf0ce30a6fcbd8
3cb2e3e7ee97a890fb78fc1ba62ebd6b30d38eb4f8915d03dc833c83651a2001
3d2b468b33538e220aab3fe713b10473b00d10555c9e1bb1b4c7f0e3b9a31af6
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4313a9f3aeeb6587530ee137e910d040e9b989c3cd3d3b0c835532cbb6a5565b
4654c767d415745ec9e324e7b62e532088fe04a961ad5eb21b02487af0f8c08f
473ca240f1238bb32be049d8ddf72100561a03f04169b39bf27d1f0279b1dd25
49beb700d387c742e63bdbe609124f2cb157fb3d008d8a8dda9b72efc730c859
4a74a1d91eca7a438dd3aaa7c6237944974b7ef79b45e5379a63d37bac1e0bc1
4c697678875509b5b37545562c6474f97562200da28a73564b933dddd27412db
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50c7e5ad677f7e2ae070247b996e043261429999a6bf3aa5b0ab86341f4461ab
51d0e85097a841f69894079309ad6368bb01eb0a51411d8cf61038a7fcc49a51
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
61fe4436f1d882b3acd98fb2763984bacd382664582f4918647b89894f46b871
65719beca38fc215272df43b9b4deb6e38be8979b0980020d739aca717692561
6956cbfddf2ce28aee043ecd2b7dbc3ada3954646d7009c6dd1b5ca173f136f9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dec5c0216d293378f7d37f1d2b1033f5315ef1e2c4c3f8790cf5de865826ec7
6fe87bbc0a3d39bfa4c491813a82decb887d72f0130d60f47b3ee1ba56677d5a
732e2d19037e347f87a4992a98ce710c6baeec0f4acd3c38bfa46ea7225d50d8
7da8d792ef771180eef9e592f2a3b5ebcc0f74eea6f5475d1a1e9e5665bb8448
808fa266ffd5666e6ecbff99004bc49617c77cc4287880af64ddf3875022d128
859c289b700f79df4a9c5f1daddeb52f0c56b983135a8ab60fdf3ff4ccb779ef
90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
918aeda423776a4825396ff8164e3d55cb18f567d5d260a24d06589ea016959c
9a84950f98c69dbc5c11fa8e05c8002187a253fe3a3ad99a4da58a6574643706
a0df6d9bf8fa59628d843a24805699fd880e27de17515fc0c07ccabe5c2448d1
a22f85f1a257dfe812b91e347ffff79eee4cff5eb89f0b429a32ae1ab96d8adc
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aacbbb135ca5fe66535f3c4915110bbe898f5bffab7fae8f2294abbc9af004c8
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b26dbd9e0b1469f90cc9b4c05ad9974bdf59748279e4554251910fb83d6ef5ce
b5e5b967dc86ee24bf220bd0e25844232b9e49e29b48b3d44cde6a8236971e8d
b6306c16271b491ddd5efe0ed65cf4892d0133ce81a56a38128bd9e5f11ed0f8
b6dc9916036b41f4eb3ac4cfa16e215b38090bed8723c5ab86c765e6ea52e63e
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b70aa192cf670ffbccd24885ff71e159e03c809b890abe15e74cce9f497dd8e5
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c518ad5d0adbc0754bac8b71c958312a6bd77d4e318500fec44d929e00f857ec
c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d4210180539f850f4d13f09a950b88cf794a39ed47042ff75a09d8bb013d0c91
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df4ba6a4ea45e19fdd92e7b6fbb42101da081d301af28151b2e6294d4dc1d1c3
df85aac876d06864d10bb0fc5f45c6fa28870ed4eda966f3082d52e42173d962
e11358f81905fda56213119d8d9a1076ec679d26ad3f9ad82c0091024a7a1408
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8ae14082f4d2088f2bcc4f8e3da3955343dd1e39e0a5f9333c45d6428c3cfc5
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2964eaaa17b81ff911681e57089511c35c7ebbbb8cce98e8c64bad2de197149

all-news.co Open in urlscan Pro 2606:4700:3030::6815:36b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

127 Requests

100 %HTTPS

76 %IPv6

17 Domains

21 Subdomains

26 IPs

5 Countries

2651 kBTransfer

5276 kBSize

9 Cookies

13 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

all-news.co Open in urlscan Pro
2606:4700:3030::6815:36b Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

100 %
HTTPS

76 %
IPv6

17
Domains

21
Subdomains

26
IPs

5
Countries

2651 kB
Transfer

5276 kB
Size

9
Cookies

127 HTTP transactions
5 data transactions