www.ivpressonline.com Open in urlscan Pro
192.104.183.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ivpressonline.com/
Effective URL:
https://www.ivpressonline.com/
Submission Tags: tranco_l324
Submission: On November 09 via api (November 9th 2021, 9:05:34 am UTC) from DE — Scanned from DE

Summary HTTP 484 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 79 IPs in 8 countries across 59 domains to perform 484 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is www.ivpressonline.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on November 6th 2021. Valid for: 3 months.

This is the only time www.ivpressonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	192.104.183.109 192.104.183.109	10668 (LEE-ASN) (LEE-ASN)
36	104.18.131.43 104.18.131.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	13.225.78.47 13.225.78.47	16509 (AMAZON-02) (AMAZON-02)
19	13.225.78.59 13.225.78.59	16509 (AMAZON-02) (AMAZON-02)
29	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	35.227.203.93 35.227.203.93	15169 (GOOGLE) (GOOGLE)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2	50.17.208.58 50.17.208.58	14618 (AMAZON-AES) (AMAZON-AES)
2	34.96.77.232 34.96.77.232	15169 (GOOGLE) (GOOGLE)
1 1	151.101.193.194 151.101.193.194	54113 (FASTLY) (FASTLY)
6	2600:9000:20e... 2600:9000:20eb:9000:18:a82e:7180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.224.186.78 13.224.186.78	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
11	52.3.82.27 52.3.82.27	14618 (AMAZON-AES) (AMAZON-AES)
2	3.217.216.1 3.217.216.1	14618 (AMAZON-AES) (AMAZON-AES)
1	34.96.74.203 34.96.74.203	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	13.225.78.37 13.225.78.37	16509 (AMAZON-02) (AMAZON-02)
2	2.16.186.232 2.16.186.232	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
19	13.225.78.26 13.225.78.26	16509 (AMAZON-02) (AMAZON-02)
2 6	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	13.224.186.41 13.224.186.41	16509 (AMAZON-02) (AMAZON-02)
6	100.25.5.11 100.25.5.11	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	23.111.9.57 23.111.9.57	33438 (HIGHWINDS2) (HIGHWINDS2)
1 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	52.207.5.56 52.207.5.56	14618 (AMAZON-AES) (AMAZON-AES)
37	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	104.18.12.242 104.18.12.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	50.17.207.51 50.17.207.51	14618 (AMAZON-AES) (AMAZON-AES)
19	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	151.101.129.194 151.101.129.194	54113 (FASTLY) (FASTLY)
2 4	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.57.255.59 52.57.255.59	16509 (AMAZON-02) (AMAZON-02)
1	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
1	3.122.136.79 3.122.136.79	16509 (AMAZON-02) (AMAZON-02)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4200:f618:eaed:4120:e6cb	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
6	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	104.111.244.56 104.111.244.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:21f... 2600:9000:21f3:a200:8:4487:bd00:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f02... 2a03:2880:f027:212:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	52.216.99.139 52.216.99.139	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5 14	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 2	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
3 3	3.120.169.248 3.120.169.248	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.178.101 35.210.178.101	19527 (GOOGLE-2) (GOOGLE-2)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	64.233.184.154 64.233.184.154	15169 (GOOGLE) (GOOGLE)
1 2	63.35.242.195 63.35.242.195	16509 (AMAZON-02) (AMAZON-02)
39	2607:f8b0:400... 2607:f8b0:4009:81c::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:16::6	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:16::a	15169 (GOOGLE) (GOOGLE)
5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	13.225.78.101 13.225.78.101	16509 (AMAZON-02) (AMAZON-02)
2	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
2 5	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
484	79

26 192.104.183.109 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

ivpressonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ivpressonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 104.18.131.43 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-47.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 13.225.78.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-59.fra2.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com

pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.17.208.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-208-58.compute-1.amazonaws.com

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.77.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.77.96.34.bc.googleusercontent.com

widget.secure.ownlocal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.194 (United States) 1 redirects

ASN54113 (FASTLY, US)

production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20eb:9000:18:a82e:7180:93a1 (United States)

ASN16509 (AMAZON-02, US)

discovery.evvnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-78.fra2.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.3.82.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-82-27.compute-1.amazonaws.com

yumasun.friends2follow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.friends2follow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
antifraudjs.friends2follow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.217.216.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-216-1.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.74.203 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 203.74.96.34.bc.googleusercontent.com

api.pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-37.fra2.r.cloudfront.net

player.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.232 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-232.deploy.static.akamaitechnologies.com

cdn-img.pressreader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bfa5bbb6ca60f122bbb83a79f683da35.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e44dcf66a235fce449272c763b2edfc2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ecafd18a3ea3b8148b2000f40512e14f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
86d9fe17ad8913f96795d1e3e76e6c24.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 13.225.78.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-26.fra2.r.cloudfront.net

s.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.224.186.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-41.fra2.r.cloudfront.net

d29xw9s9x32j3w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 100.25.5.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-5-11.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.111.9.57 (United States)

ASN33438 (HIGHWINDS2, US)

twemoji.maxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.5.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-5-56.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.resonate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.17.207.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-207-51.compute-1.amazonaws.com

timber.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.194 (United States)

ASN54113 (FASTLY, US)

evvnt-api.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.90 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.255.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-255-59.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.136.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-136-79.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

sendtonews-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:f618:eaed:4120:e6cb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pi979-10rsz.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

evvnt-plugin-proxy.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.244.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-244-56.deploy.static.akamaitechnologies.com

photos-images.active.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:a200:8:4487:bd00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.mktg.evvnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

scontent-iad3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f027:212:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)

scontent-ort2-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.216.99.139 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

friends2follow-us.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.169.248 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 101.178.210.35.bc.googleusercontent.com

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.242.195 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2607:f8b0:4009:81c::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:16::6 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

r1---sn-4g5ednd7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:16::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5ednd7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.101 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-101.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.197.47.23 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	googlesyndication.com bfa5bbb6ca60f122bbb83a79f683da35.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com e44dcf66a235fce449272c763b2edfc2.safeframe.googlesyndication.com ecafd18a3ea3b8148b2000f40512e14f.safeframe.googlesyndication.com 86d9fe17ad8913f96795d1e3e76e6c24.safeframe.googlesyndication.com ade.googlesyndication.com	499 KB
54	doubleclick.net 5 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net pubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net bid.g.doubleclick.net	701 KB
46	gstatic.com fonts.gstatic.com csi.gstatic.com	232 KB
36	townnews.com bloximages.newyork1.vip.townnews.com	540 KB
26	ivpressonline.com 1 redirects ivpressonline.com www.ivpressonline.com	251 KB
22	2mdn.net 2 redirects s0.2mdn.net gcdn.2mdn.net r1---sn-4g5ednd7.c.2mdn.net r5---sn-4g5ednd7.c.2mdn.net	3 MB
20	tradingview.com s3.tradingview.com s.tradingview.com	401 KB
19	adlightning.com tagan.adlightning.com	419 KB
15	google.com adservice.google.com ampcid.google.com www.google.com apis.google.com	27 KB
14	sendtonews.com embed.sendtonews.com player.sendtonews.com s2l.sendtonews.com timber.sendtonews.com	108 KB
12	googletagservices.com www.googletagservices.com	403 KB
11	friends2follow.com yumasun.friends2follow.com tracking.friends2follow.com antifraudjs.friends2follow.com	146 KB
10	cloudfront.net d29xw9s9x32j3w.cloudfront.net	651 KB
9	fastly.net 1 redirects production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net evvnt-api.global.ssl.fastly.net evvnt-plugin-proxy.global.ssl.fastly.net	21 KB
8	amazonaws.com friends2follow-us.s3.amazonaws.com	333 KB
8	facebook.com www.facebook.com	4 KB
8	maxcdn.com twemoji.maxcdn.com	7 KB
7	cloudflare.com cdnjs.cloudflare.com	189 KB
7	evvnt.com discovery.evvnt.com cdn.prod.mktg.evvnt.com	1 MB
6	openx.net sendtonews-d.openx.net u.openx.net eu-u.openx.net us-u.openx.net	2 KB
6	casalemedia.com 2 redirects htlb.casalemedia.com as-sec.casalemedia.com dsum-sec.casalemedia.com	4 KB
6	google.de adservice.google.de ampcid.google.de	2 KB
6	google-analytics.com www.google-analytics.com	40 KB
6	googleapis.com fonts.googleapis.com imasdk.googleapis.com	317 KB
5	yahoo.com 2 redirects ups.analytics.yahoo.com	1 KB
5	advertising.com 4 redirects ads.adaptv.advertising.com pixel.advertising.com	2 KB
5	jsdelivr.net cdn.jsdelivr.net	73 KB
5	googletagmanager.com www.googletagmanager.com	234 KB
4	rubiconproject.com prebid-server.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	adnxs.com 2 redirects ib.adnxs.com	4 KB
4	adsrvr.org 1 redirects match.adsrvr.org	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	fbcdn.net scontent-iad3-1.xx.fbcdn.net scontent-ort2-2.xx.fbcdn.net	21 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net	13 KB
2	adform.net 2 redirects c1.adform.net	925 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	669 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	1 KB
2	3lift.com 2 redirects eb2.3lift.com	948 B
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	84 KB
2	moatads.com z.moatads.com s-jsonp.moatads.com	55 KB
2	pressreader.com cdn-img.pressreader.com	101 KB
2	postrelease.com jadserve.postrelease.com	1 KB
2	ownlocal.com widget.secure.ownlocal.com	26 KB
2	pymx5.com pymx5.com api.pymx5.com	10 KB
1	quantserve.com 1 redirects pixel.quantserve.com	498 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	active.com photos-images.active.com	58 KB
1	tremorhub.com pi979-10rsz.ads.tremorhub.com	422 B
1	pubmatic.com hbopenbid.pubmatic.com	120 B
1	spotxchange.com search.spotxchange.com	1 KB
1	resonate.com cdn.resonate.com	169 B
1	rkdms.com id.sv.rkdms.com	171 B
1	rlcdn.com api.rlcdn.com	332 B
1	indexww.com js-sec.indexww.com	13 KB
1	ntv.io s.ntv.io	113 KB
484	59

	Domain	Requested by
39	csi.gstatic.com	imasdk.googleapis.com
37	pagead2.googlesyndication.com	www.googletagservices.com srcdoc securepubads.g.doubleclick.net c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com www.ivpressonline.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
36	bloximages.newyork1.vip.townnews.com	www.ivpressonline.com
26	tpc.googlesyndication.com	tagan.adlightning.com c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net imasdk.googleapis.com
26	securepubads.g.doubleclick.net	www.ivpressonline.com tagan.adlightning.com securepubads.g.doubleclick.net www.googletagservices.com
21	www.ivpressonline.com	www.ivpressonline.com
19	s0.2mdn.net	imasdk.googleapis.com www.ivpressonline.com s0.2mdn.net c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
19	s.tradingview.com	s3.tradingview.com s.tradingview.com
19	tagan.adlightning.com	www.ivpressonline.com tagan.adlightning.com c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
12	www.googletagservices.com	tagan.adlightning.com c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
11	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com u.openx.net
10	d29xw9s9x32j3w.cloudfront.net	player.sendtonews.com www.ivpressonline.com cdnjs.cloudflare.com
9	googleads.g.doubleclick.net	c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com www.ivpressonline.com
8	friends2follow-us.s3.amazonaws.com	www.ivpressonline.com
8	www.facebook.com	yumasun.friends2follow.com
8	twemoji.maxcdn.com	yumasun.friends2follow.com
8	yumasun.friends2follow.com	www.ivpressonline.com yumasun.friends2follow.com
7	cdnjs.cloudflare.com	player.sendtonews.com production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net s0.2mdn.net
7	www.google.com	tagan.adlightning.com
7	fonts.gstatic.com	fonts.googleapis.com
6	evvnt-plugin-proxy.global.ssl.fastly.net	discovery.evvnt.com
6	s2l.sendtonews.com	www.ivpressonline.com
6	adservice.google.com	tagan.adlightning.com imasdk.googleapis.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.ivpressonline.com
6	discovery.evvnt.com	www.ivpressonline.com production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
5	ups.analytics.yahoo.com	2 redirects www.ivpressonline.com
5	ade.googlesyndication.com	www.ivpressonline.com
5	cdn.jsdelivr.net	production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
5	adservice.google.de	tagan.adlightning.com
5	www.googletagmanager.com	www.ivpressonline.com www.googletagmanager.com s.tradingview.com
5	ivpressonline.com	1 redirects tagan.adlightning.com www.ivpressonline.com
4	pixel.advertising.com	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	2 redirects d29xw9s9x32j3w.cloudfront.net googleads.g.doubleclick.net
4	match.adsrvr.org	1 redirects js-sec.indexww.com c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com u.openx.net
4	fonts.googleapis.com	www.ivpressonline.com yumasun.friends2follow.com player.sendtonews.com discovery.evvnt.com
3	x.bidswitch.net	3 redirects
3	googleads4.g.doubleclick.net	www.ivpressonline.com
3	pubads.g.doubleclick.net	player.sendtonews.com imasdk.googleapis.com www.ivpressonline.com
3	timber.sendtonews.com	player.sendtonews.com
3	player.sendtonews.com	embed.sendtonews.com player.sendtonews.com
2	c1.adform.net	2 redirects
2	us-u.openx.net	u.openx.net
2	eu-u.openx.net	u.openx.net
2	sync-tm.everesttech.net	2 redirects
2	eus.rubiconproject.com	d29xw9s9x32j3w.cloudfront.net eus.rubiconproject.com
2	sb.scorecardresearch.com	1 redirects www.ivpressonline.com
2	bcp.crwdcntrl.net	1 redirects tagan.adlightning.com
2	eb2.3lift.com	2 redirects
2	a.volvelle.tech	2 redirects
2	sync.mathtag.com	2 redirects
2	scontent-iad3-1.xx.fbcdn.net	www.ivpressonline.com
2	platform.twitter.com	www.ivpressonline.com platform.twitter.com
2	evvnt-api.global.ssl.fastly.net	discovery.evvnt.com
2	c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com	tagan.adlightning.com
2	maxcdn.bootstrapcdn.com	production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net maxcdn.bootstrapcdn.com
2	imasdk.googleapis.com	player.sendtonews.com imasdk.googleapis.com
2	tracking.friends2follow.com	yumasun.friends2follow.com
2	cdn-img.pressreader.com	www.ivpressonline.com
2	jadserve.postrelease.com	tagan.adlightning.com www.ivpressonline.com
2	widget.secure.ownlocal.com	www.ivpressonline.com widget.secure.ownlocal.com
2	embed.sendtonews.com	www.ivpressonline.com player.sendtonews.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	pixel.quantserve.com	1 redirects
1	u.openx.net	d29xw9s9x32j3w.cloudfront.net
1	r5---sn-4g5ednd7.c.2mdn.net	www.ivpressonline.com
1	r1---sn-4g5ednd7.c.2mdn.net	1 redirects
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	pixel-sync.sitescout.com	c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	scontent-ort2-2.xx.fbcdn.net	www.ivpressonline.com
1	cdn.prod.mktg.evvnt.com	www.ivpressonline.com
1	photos-images.active.com	www.ivpressonline.com
1	syndication.twitter.com	platform.twitter.com
1	apis.google.com	yumasun.friends2follow.com
1	86d9fe17ad8913f96795d1e3e76e6c24.safeframe.googlesyndication.com	tagan.adlightning.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	pi979-10rsz.ads.tremorhub.com	d29xw9s9x32j3w.cloudfront.net
1	hbopenbid.pubmatic.com	d29xw9s9x32j3w.cloudfront.net
1	sendtonews-d.openx.net	d29xw9s9x32j3w.cloudfront.net
1	htlb.casalemedia.com	d29xw9s9x32j3w.cloudfront.net
1	ads.adaptv.advertising.com	d29xw9s9x32j3w.cloudfront.net
1	search.spotxchange.com	d29xw9s9x32j3w.cloudfront.net
1	prebid-server.rubiconproject.com	d29xw9s9x32j3w.cloudfront.net
1	ecafd18a3ea3b8148b2000f40512e14f.safeframe.googlesyndication.com	tagan.adlightning.com
1	e44dcf66a235fce449272c763b2edfc2.safeframe.googlesyndication.com	tagan.adlightning.com
1	cdn.resonate.com	player.sendtonews.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	js-sec.indexww.com	player.sendtonews.com
1	s-jsonp.moatads.com	www.ivpressonline.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	antifraudjs.friends2follow.com	yumasun.friends2follow.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	z.moatads.com	tagan.adlightning.com
1	bfa5bbb6ca60f122bbb83a79f683da35.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	api.pymx5.com	tagan.adlightning.com
1	s3.tradingview.com	www.ivpressonline.com
1	production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net	1 redirects
1	s.ntv.io	www.ivpressonline.com
1	pymx5.com	www.ivpressonline.com
1	tags.crwdcntrl.net	www.ivpressonline.com
484	105

This site contains links to these domains. Also see Links.

Domain
www.legacy.com
www.greenandwhitesheet.com
classadz.vdata.com
imperialvalleypress.pressreader.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
ivpressonline.com
www.arcgis.com
www.tradingview.com
new.evvnt.com
bloxcms.com
townnews.com

Subject Issuer	Validity	Valid
ivpressonline.com ZeroSSL ECC Domain Secure Site CA	`2021-11-06` - `2022-02-04`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-09` - `2022-04-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adlightning.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.pymx5.com Go Daddy Secure Certificate Authority - G2	`2021-09-12` - `2022-09-10`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.sendtonews.com Amazon	`2021-06-17` - `2022-07-16`	a year	crt.sh
secure.ownlocal.com GTS CA 1D4	`2021-08-25` - `2021-11-23`	3 months	crt.sh
*.tradingview.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
friends2follow.com Amazon	`2020-12-11` - `2022-01-09`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
cdn.pressreader.com R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
discovery.evvnt.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
twemoji.maxcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-13` - `2022-11-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
securedvisit.com Amazon	`2020-12-31` - `2022-01-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.active.com DigiCert SHA2 Secure Server CA	`2021-06-07` - `2022-06-15`	a year	crt.sh
cdn.prod.mktg.evvnt.com Amazon	`2021-08-06` - `2022-09-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-18` - `2021-11-16`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh

This page contains 51 frames:

Primary Page: https://www.ivpressonline.com/
Frame ID: F425F990516F8BEC1014D1DA57A04533
Requests: 95 HTTP requests in this frame

Frame: https://www.ivpressonline.com/app/pressreader.php?ivpid=refresh
Frame ID: 96CF181CEF642BFF7FE627A86479C001
Requests: 4 HTTP requests in this frame

Frame: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
Frame ID: 1709EB1CF28D93BB018769F67E97A562
Requests: 43 HTTP requests in this frame

Frame: https://bfa5bbb6ca60f122bbb83a79f683da35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FDA7219549EF771AE9757FCA946E78FD
Requests: 1 HTTP requests in this frame

Frame: https://player.sendtonews.com/player7/player/65.21.7/player.js
Frame ID: 3E0655684EBFCCBFD77C90883826AB89
Requests: 93 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3D03F32A5D274AFE061D2E4223D976AE
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Frame ID: BCCA84A535F6245B91567E0E62C31B33
Requests: 11 HTTP requests in this frame

Frame: https://www.ivpressonline.com/app/pressreader.php
Frame ID: 8A7A67CD492D522774A061A56BD1E37C
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Frame ID: D21D1FDB0A7049BB9C52C3668FBED6DE
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Frame ID: 2611BDE66276E9500896395B0CB8309B
Requests: 15 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Frame ID: 13A47AC49433F14AADB9B30AAF93419F
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Frame ID: D243559D2FF4BACC8B19AEC4DF4A4F69
Requests: 14 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Frame ID: 94198ACF6C4AA204F12DEC12202607F7
Requests: 14 HTTP requests in this frame

Frame: https://s.tradingview.com/embed-widget/market-overview/?locale=en
Frame ID: C4549200F1BBD7BAE1BB96653331E1C2
Requests: 21 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Frame ID: C8D4C9A2BC2CDEF4A9DA47ABD671B225
Requests: 14 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtm.js?id=GTM-5T8HXK8
Frame ID: 64D84FF4A16D30402DA27B4D3E8ADFFF
Requests: 32 HTTP requests in this frame

Frame: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 128EAB25C38021AE430B3FBE046CD672
Requests: 1 HTTP requests in this frame

Frame: https://e44dcf66a235fce449272c763b2edfc2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4017E03E6F1ED427FBE0E48B97439557
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: 363A46AE8183100F578D98CD47D9C882
Requests: 23 HTTP requests in this frame

Frame: https://ecafd18a3ea3b8148b2000f40512e14f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8F7D0A8D797D876B25BD6746009C5F08
Requests: 1 HTTP requests in this frame

Frame: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B4A4A4A6F2035A4E89D090B8D95D41E7
Requests: 18 HTTP requests in this frame

Frame: https://86d9fe17ad8913f96795d1e3e76e6c24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 09FD2CE75CC777BF6BA8C60AF1AFEF27
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 077E4648065477581DB7C79BAFB34748
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fyumasun.friends2follow.com
Frame ID: 0FDFC498AA2FBE56BB0724A837560470
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F3882B0697582F2E99266B886EA981A7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 304C2356948A1D11F43DE40F60C50B51
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 334F43CEC62BAC9D2A9F11195AAB2D7F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 997664411A222F32449C0D635F7060BE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1CDE4A08827AF17E97F3EFBA4918E33F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3D90BCC9803D5733883E1C30A72EF0D
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F957882267605246&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: 91A1FBD3B6165832FB8AC6C6018C3181
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F225615167484381&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: 2B2FDA3F6D84843DF0480A2AC386B163
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F225615167484381&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: 496895DE797C082C59CD4A17B5188B68
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F225615167484381&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: 4E0AAED4E35BA34D1A84A33E0DD8A021
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F225615167484381&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: E1D3B96FDA5124E69D19C38306F74AED
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F225615167484381&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: 6462C33CB15F1F8403207942B4BCF14E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F957882267605246&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: F308891CE6736F88CC01E07B3FBE825A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F225615167484381&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252
Frame ID: 389F1364356E62FFBD5317E9BA4F3902
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQ5su2qgIY97GFuAEwAQ&v=APEucNWJMfHMRh7JGC4HM25pSXPaJb96KnFwbaZKGI6R0I6Cjn6V2AJ3NjUWg0TWj1MiCnhMjH5UGqDUHIGQhgQAbPX5tEJlcS-JB7hBtsU1kbQSPdxBhXbg6f8GIDBKyCZw8eCjo6QIq1vW7Qlsoqjr4Az5puaJVzO9s9MjR17AEFYd2rsMAzg
Frame ID: 41B1B887609BC1AD1CE92ABEB1750B79
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 69F3E1EC1BAF2B4430708CE11E30791C
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
Frame ID: 328860B5DBB72FD6D1DDC2FEF67BCC56
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9AFA56734A605F7791E16AE886F038AE
Requests: 3 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=13855/rand=388585393/pv=y/rb=%7B%22meta_tag%22%3A%22imperial%20valley%20press%20online%22%7D/rt=ifr
Frame ID: 44BCD7E9A63E472E66C5C6F1A49AEDEE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 66AE5C74AFCB57859209CD9E21A8D2ED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C3B5CE0142BAD2E2B316E815EEBC6391
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DDA6493C94D66B448C28DA1FF0958C61
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0B595824E0A3ED899FCA711BBDE31575
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 180DA5F424CD2AD70E80BDA0777B21F0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 909DF63F8399AAFCE81E25A1FB29B19B
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 2BD5721B209F3B6DEE610D51DA367F10
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DA18FE2031940A0D259E517C329A487F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ivpressonline.com | Your news, our passion. | Imperial Valley Press OnlineArticle with imagesArticle with imagesArticle with imagesArticle with imagesImage galleryImage galleryImage galleryVideoVideoVideoArticlesimagesVideos

Page URL History Show full URLs

http://ivpressonline.com/ HTTP 301
https://www.ivpressonline.com/ Page URL

Page Statistics

484
Requests

95 %
HTTPS

38 %
IPv6

59
Domains

105
Subdomains

79
IPs

8
Countries

10434 kB
Transfer

19994 kB
Size

51
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.legacy.com/obituaries/ivpressonline/
Title: OBITUARIES

Search URL Search Domain Scan URL

URL: https://www.greenandwhitesheet.com/
Title: Green and White Sheet

Search URL Search Domain Scan URL

URL: https://classadz.vdata.com/ElCentroImperialValleyPress/Circulation/Subscriber/
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://imperialvalleypress.pressreader.com/
Title: e-Edition

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ivpress
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ivpnews
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/ivpressonline
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ivpressonline/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://ivpressonline.com/tncms/tracking/bannerad/clicks/?i=frontpage/block-pencil-one1/6c57c84e-4fa2-11eb-a84d-2309098d6c5a&r=http://www.ivpressonline.com/advertisement/wellness_radio/

Search URL Search Domain Scan URL

URL: http://imperialvalleypress.pressreader.com/
Title: E-Edition

Search URL Search Domain Scan URL

URL: https://www.arcgis.com/apps/opsdashboard/index.html?fbclid=IwAR1-CmE98nQdDULNRkIjcrdXkrmORFJlMKJZmaHb3kyfaS3Is1YJTdLePvM#/684c52c01a0c4dbda380d7b905ef0b46

Search URL Search Domain Scan URL

URL: http://www.facebook.com/ivpress
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/ivpnews
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.youtube.com/ivpressonline
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/ivpressonline/obituary.aspx?n=gloria-avila&pid=200573792&fhid=24103
Title: AVILA, GLORIA

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/ivpressonline/obituary.aspx?n=margarito-gonzales&pid=200573794&fhid=18208
Title: GONZALES, MARGARITO

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/ivpressonline/obituary.aspx?n=helen-wallis&pid=200573793
Title: WALLIS, HELEN

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Market Data by TradingView

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/ivpressonline/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://new.evvnt.com/?with_navbar&force_snap_sell&partner=IVPRESSONLINE&publisher_url:ivpressonline.com#/quick
Title: Promote Your Event

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://townnews.com/
Title: TownNews.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ivpressonline.com/ HTTP 301
https://www.ivpressonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js HTTP 301
https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js

Request Chain 352

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJkyjME7lfhd8d6lvm3ur-0&google_cver=1

Request Chain 353

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYo51wFwYgY8eNe3T6xw1wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJkyjME7lfhd8d6lvm3ur-0&google_cver=1

Request Chain 354

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECJNKobwDnSC3OsJxqc3drI&google_cver=1

Request Chain 355

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2MzI5OTc0NjU4MjYwNzE2

Request Chain 370

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELgHLtXmvaU7QOV43vd9rdA&google_cver=1&google_push=AYg5qPLKgdqhSyf8isSCkDGIWigIw5P9I9W3KpiNE2bmgbz89P6w9AfcB9a1VbQ6mIKcRSsJEmda_yLZhRUSO9fGFNRp4lJPctFk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLKgdqhSyf8isSCkDGIWigIw5P9I9W3KpiNE2bmgbz89P6w9AfcB9a1VbQ6mIKcRSsJEmda_yLZhRUSO9fGFNRp4lJPctFk

Request Chain 371

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIcz7O4AvaOtN_JVN3WDu0o&google_cver=1&google_push=AYg5qPLSraLZ-iWup78xjvlfyqplZkAEUn_0KNUxKUKFF1vOpKRwaSouX8zAUnTbfBXIQ_hdGy0e54Wo-LrDWqeFg1BjU7KQ88LE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLSraLZ-iWup78xjvlfyqplZkAEUn_0KNUxKUKFF1vOpKRwaSouX8zAUnTbfBXIQ_hdGy0e54Wo-LrDWqeFg1BjU7KQ88LE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIcz7O4AvaOtN_JVN3WDu0o&google_cver=1&google_push=AYg5qPLSraLZ-iWup78xjvlfyqplZkAEUn_0KNUxKUKFF1vOpKRwaSouX8zAUnTbfBXIQ_hdGy0e54Wo-LrDWqeFg1BjU7KQ88LE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLSraLZ-iWup78xjvlfyqplZkAEUn_0KNUxKUKFF1vOpKRwaSouX8zAUnTbfBXIQ_hdGy0e54Wo-LrDWqeFg1BjU7KQ88LE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 374

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDzwUKLmYtXs5dsETvj4VIw&google_cver=1&google_push=AYg5qPLCUKoGcv2FMevjNO6hwBz28-yE0BT48Vsq8f3UcKFbohHAqVXhUfMGP1iYJE7yQtMG4AvLt_QLcHqy04G0fasgAhLnHC7KSw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDzwUKLmYtXs5dsETvj4VIw&google_cver=1&google_push=AYg5qPLCUKoGcv2FMevjNO6hwBz28-yE0BT48Vsq8f3UcKFbohHAqVXhUfMGP1iYJE7yQtMG4AvLt_QLcHqy04G0fasgAhLnHC7KSw HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=4b9f7a20-1c50-4d8e-b9cb-5265dcaf1bd9 HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=4b9f7a20-1c50-4d8e-b9cb-5265dcaf1bd9 HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d04508fe-3e9d-4356-9428-199f2bf3a8e9&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLCUKoGcv2FMevjNO6hwBz28-yE0BT48Vsq8f3UcKFbohHAqVXhUfMGP1iYJE7yQtMG4AvLt_QLcHqy04G0fasgAhLnHC7KSw&google_hm=S596IBxQTY65y1Jl3K8b2Q==

Request Chain 375

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEGa1SqOZF35ScvXdKR-hsA&google_cver=1&google_push=AYg5qPJr4S1U6MIC5DsrixMA9swdJCjvcDfJ49jPJOQ9GLu557kkVn7tIVqhqUuE90rKHXkzUQP-YX_CznN2sZJ8Alg3quWhoYOkZA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJr4S1U6MIC5DsrixMA9swdJCjvcDfJ49jPJOQ9GLu557kkVn7tIVqhqUuE90rKHXkzUQP-YX_CznN2sZJ8Alg3quWhoYOkZA&google_gid=CAESEEGa1SqOZF35ScvXdKR-hsA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA5NDQyODI4NjEyNTA2MjkzNTY%3D&google_push=AYg5qPJr4S1U6MIC5DsrixMA9swdJCjvcDfJ49jPJOQ9GLu557kkVn7tIVqhqUuE90rKHXkzUQP-YX_CznN2sZJ8Alg3quWhoYOkZA

Request Chain 395

https://bcp.crwdcntrl.net/5/c=13855/rand=388585393/pv=y/rb=%7B%22meta_tag%22%3A%22imperial%20valley%20press%20online%22%7D/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=13855/rand=388585393/pv=y/rb=%7B%22meta_tag%22%3A%22imperial%20valley%20press%20online%22%7D/rt=ifr

Request Chain 410

https://gcdn.2mdn.net/videoplayback/id/15c792a42054f511/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779016388/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B97E53F744F04B6AD3069939EEB99EE8E4119367.AB73AC54A867F9D28F2A5F8CD346275F2D913046/key/ck2/file/file.mp4?cpn=z95wNSZJLgJ32BIw HTTP 302
https://r1---sn-4g5ednd7.c.2mdn.net/videoplayback/id/15c792a42054f511/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779016388/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B7376A153CB3222CAA7851F98C51B0E88DB6E9B.34E674CC29F2ECC9B8233F3958429D2D8961E454/key/cms1/cms_redirect/yes/mh/xm/mip/2a01:4f8:212:78e:2a::1/mm/42/mn/sn-4g5ednd7/ms/onc/mt/1636447502/mv/u/mvi/1/pl/54?cpn=z95wNSZJLgJ32BIw&file=file.mp4 HTTP 302
https://r5---sn-4g5ednd7.c.2mdn.net/videoplayback/id/15c792a42054f511/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779016388/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B7376A153CB3222CAA7851F98C51B0E88DB6E9B.34E674CC29F2ECC9B8233F3958429D2D8961E454/key/cms1/cms_redirect/yes/mh/xm/mip/2a01:4f8:212:78e:2a::1/mm/42/mn/sn-4g5ednd7/ms/onc/mt/1636447502/mv/u/mvi/1/pl/54?cpn=z95wNSZJLgJ32BIw&ir=1&rr=12&fexp=24052761&file=file.mp4

Request Chain 477

https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1636448725549&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=20000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=pre-roll&ns_st_ci=1247804&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1636448727994&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2445&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Conde%20Nast&c3=sendtonews&c4=Entertainment&c6=*null&c7=https%3A%2F%2Fwww.ivpressonline.com%2F&c8=&c9= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1636448725549&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=20000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=pre-roll&ns_st_ci=1247804&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1636448727994&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2445&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Conde%20Nast&c3=sendtonews&c4=Entertainment&c6=*null&c7=https%3A%2F%2Fwww.ivpressonline.com%2F&c8=&c9=

Request Chain 487

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP2fb6b974-413c-11ec-930f-06c3ec34c576 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP2fb6b974-413c-11ec-930f-06c3ec34c576&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAyZmI2Yjk3NC00MTNjLTExZWMtOTMwZi0wNmMzZWMzNGM1NzY%3D HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEMViZ8pc-hj4hXhJJNsAktM&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMViZ8pc-hj4hXhJJNsAktM&google_cver=1&apid=UP2fb6b974-413c-11ec-930f-06c3ec34c576

Request Chain 488

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=bf35582e-6696-486b-a5e7-1d8f7f8b8eb1&_origin=1&gdpr=1&gdpr_consent=

Request Chain 489

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YYo52QADOBiWrAAz HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YYo52QADOBiWrAAz&_origin=0&gdpr=0&gdpr_consent=&_test=YYo52QADOBiWrAAz HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YYo52QADOBiWrAAz&_origin=0&gdpr=0&gdpr_consent=&_test=YYo52QADOBiWrAAz&apid=UP2fb6b974-413c-11ec-930f-06c3ec34c576

Request Chain 490

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=79f5618a-39d7-4a00-b002-9b2d329575a6

Request Chain 491

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=qBqvuq0S8-KzSvXjrRu64_hO9L6zH6e--Em_el_U

Request Chain 492

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2084561459374446081

Request Chain 495

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKn0BBG7BVP72epBjt4G9Pk&google_cver=1

484 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ivpressonline.com/
Redirect Chain

http://ivpressonline.com/
https://www.ivpressonline.com/

426 KB
59 KB

340ms
163ms

Document
text/html

192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ivpressonline.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

7f5974e4326c6420be4295ea9766ca4ef7d466277c1982e0ea202cbe5bae20f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 09 Nov 2021 08:05:46 GMT
content-type: text/html; charset=UTF-8
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Nov 2021 08:05:46 GMT
x-robots-tag: noarchive
x-xrds-location: https://www.ivpressonline.com/tncms/xrds/
x-ua-compatible: IE=edge
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.f7f607461e880929e17a0ecdc234e5df.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
x-tncms: 1.60.1; app17; 0.63s; 8.6M
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: W/17f538a7f65a4e7ba71d7bed511631ed
content-encoding: gzip
vary: X-IPCountry, Accept-Encoding
age: 3573
cache-control: public, max-age=10
x-vcache: HIT
accept-ranges: bytes
content-length: 58006

Redirect headers

date: Tue, 09 Nov 2021 09:02:16 GMT
content-type: text/html; charset=UTF-8
x-loop: 1
cache-control: public, max-age=300
x-robots-tag: noarchive
x-xrds-location: https://www.ivpressonline.com/tncms/xrds/
location: https://www.ivpressonline.com/
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
x-tncms: 1.60.1; app19; 0.01s; 1.2M
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
vary: Accept-Encoding
age: 183
x-vcache: HIT
content-length: 1787

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 64ms
20ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4947481
cf-ray: 6ab5e0f5082b2bad-FRA
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: HIT
server: cloudflare
etag: W/"60e609f2-1882c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 31 Aug 2022 19:03:53 GMT

GET
H2 200 user.js Show response
www.ivpressonline.com/shared-content/art/tncms/user/ 11 KB
4 KB 83ms
83ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivpressonline.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 9476713709bfb2efbef10bee7267250bd6ef908f0f31927fc3f55d0d801a60d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:02:16 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 14:38:15 GMT
age: 183
etag: W/"6183f057-2b02"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 3994
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 73ms
31ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 978058
cf-ray: 6ab5e0f508312bad-FRA
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 15:48:07 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
12 KB 68ms
25ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 9424117
cf-ray: 6ab5e0f5082d2bad-FRA
last-modified: Wed, 05 May 2021 20:06:42 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fad2-8154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 15:56:46 GMT

GET
H2 200 tnt.f7f607461e880929e17a0ecdc234e5df.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 9 KB
3 KB 60ms
18ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.f7f607461e880929e17a0ecdc234e5df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34f66e0da13cae3e47b11da471fdf881280333b3ff2583611715640656b338ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 646928
cf-ray: 6ab5e0f508342bad-FRA
last-modified: Fri, 29 Oct 2021 16:41:09 GMT
x-vcache: HIT
server: cloudflare
etag: W/"617c2425-2566"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 01 Nov 2022 19:02:53 GMT

GET
H2 200 application.cb897187c4718280fd69d2e6d6c3909d.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 62ms
20ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 17274165
cf-ray: 6ab5e0f5082c2bad-FRA
last-modified: Fri, 16 Apr 2021 14:03:19 GMT
x-vcache: HIT
server: cloudflare
etag: W/"60799927-104a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 21 Apr 2022 19:03:58 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
969 B 72ms
30ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 978057
cf-ray: 6ab5e0f5082a2bad-FRA
last-modified: Tue, 06 Jul 2021 13:05:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45508-9ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:22 GMT

GET
H2 200 bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 38ms
32ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1237722
cf-ray: 6ab5e0f508232bad-FRA
last-modified: Fri, 16 Apr 2021 14:03:10 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6079991e-1ab8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 23 Apr 2022 00:48:14 GMT

GET
H2 200 layout.30d75e9a57e3e756d5985de69868a18b.css
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 149 KB
27 KB 36ms
30ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.30d75e9a57e3e756d5985de69868a18b.css

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

971842b80b8d4e847ed32adf3e62de2cf6e8cce9080d54321583d6d524de0f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 646928
cf-ray: 6ab5e0f508252bad-FRA
last-modified: Fri, 29 Oct 2021 16:42:12 GMT
x-vcache: HIT
server: cloudflare
etag: W/"617c2464-255ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 01 Nov 2022 19:02:23 GMT

GET
H2 200 theme-basic.da34fee69fbd9a506f70c74c56e2ccfa.css
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 41 KB
8 KB 32ms
26ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.da34fee69fbd9a506f70c74c56e2ccfa.css

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87b11389685f99baf3f7685bce4814a3a511dba56edfa5a07d900893c1d79acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6678470
cf-ray: 6ab5e0f508262bad-FRA
last-modified: Wed, 05 May 2021 20:07:39 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fb0b-a433"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 15:48:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
2 KB 40ms
19ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Open+Sans:400,700,600

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a60e0a34cd16934f8d62a6722a1e74d229e7fa228247d44dfd531d1892f8f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 09:05:20 GMT
server: ESF
date: Tue, 09 Nov 2021 09:05:20 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 09 Nov 2021 09:05:20 GMT

GET
H2 200 flex-utility-text-promo.945a2efac4892ce469180c513f411107.css
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 531 B
346 B 37ms
31ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-text-promo.945a2efac4892ce469180c513f411107.css

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8888b39fcef68347451a49b9c12fbd7f5af165a42f289fbeef6c4db2f8a33228

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14940328
cf-ray: 6ab5e0f508272bad-FRA
last-modified: Fri, 16 Apr 2021 14:04:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60799966-213"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 23 Apr 2022 12:29:08 GMT

GET
H2 200 flex-classifieds-bulletins.a78f8be1f6e0dabcb5acb9a8939501f8.css
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 2 KB
913 B 22ms
17ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-classifieds-bulletins.a78f8be1f6e0dabcb5acb9a8939501f8.css

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cea286d53c1f5a24eab31c051f1a0cfcd00b7c1752a42dedfa0a91f0c2135fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 9424118
cf-ray: 6ab5e0f508282bad-FRA
last-modified: Fri, 16 Apr 2021 14:04:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60799966-96b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 23 Apr 2022 00:48:14 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/13855/ 38 KB
11 KB 40ms
8ms Script
application/json 13.225.78.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/13855/cc.js?ns=_cc13855
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57ef78316a4d7fc739e9680ed7067e21563c455b340b3c389347831d1bc20d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:55:32 GMT
content-encoding: gzip
etag: W/"82d0ea8f859c2b8ae008d794a4f300f4"
last-modified: Tue, 15 Dec 2020 17:01:11 GMT
server: AmazonS3
age: 20024
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: yaYc9Xe8i__K2ZR5oCizDwCFsfIZDeClFZtRZ0vdIRIiXruZvoLM5g==

GET
H2 200 access.js Show response
www.ivpressonline.com/shared-content/art/tncms/api/ 86 KB
34 KB 83ms
83ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivpressonline.com/shared-content/art/tncms/api/access.js
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de

Request headers

Referer: https://www.ivpressonline.com/
Origin: https://www.ivpressonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:02:35 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 14:38:15 GMT
age: 164
etag: W/"6183f057-15686"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 34923
service-worker-allowed: /

GET
H2 200 op.js Show response
tagan.adlightning.com/townnews/ 44 KB
19 KB 60ms
14ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/op.js
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50116d41b407de807d4c5a56cf2dab8537efefb467e30851e84940e0911a3b4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:17 GMT
content-encoding: gzip
age: 124
x-cache: Hit from cloudfront
content-length: 18505
x-amz-meta-git_commit: 7b120a5
last-modified: Tue, 09 Nov 2021 08:06:13 GMT
server: AmazonS3
etag: "3d8c5da43eb77a256624c0fcc6570229"
x-amz-version-id: ivavE_mbevYU.ZXZmfZfT6WkjQ3pLCVb
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: b1TQGoNq0XEOw3tKRfOvSXe8EOXNrgcA9x1ezf0fcrnLIwMtxP9vZw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 77ms
25ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

400d415e25e3c2b6d990376f5b1b73e91a4ada0f82098f11b71b644773528907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1038 / 974 of 1000 / last-modified: 1636412720"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27059
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 09:05:20 GMT

GET
H2 200 user-controls.578df3df79d812af55ab13bae47f9857.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 532 B
442 B 21ms
17ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 970867
cf-ray: 6ab5e0f70b5b2bad-FRA
last-modified: Wed, 05 May 2021 20:06:25 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fac1-214"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 06:23:20 GMT

GET
H2 200 tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 9 KB
3 KB 19ms
15ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c96243483fe1107223c07f837885d057ec2b7515e349bd51523ab2ef6666bf43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 17263229
cf-ray: 6ab5e0f518362bad-FRA
last-modified: Fri, 16 Apr 2021 14:03:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60799930-24cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 23 Apr 2022 00:48:14 GMT

GET
H2 200 tnt.ads.load.6a3c47703ee96f20ef132e36033ca1bc.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 888 B
641 B 20ms
16ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.load.6a3c47703ee96f20ef132e36033ca1bc.js

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2c2161d216b3f6f05411fb2ae1c43a501c51f1763c450326757baad4af344ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 964720
cf-ray: 6ab5e0f70b5c2bad-FRA
last-modified: Wed, 05 May 2021 20:06:34 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092faca-378"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 06:22:02 GMT

GET
H2 200 tracking.js Show response
www.ivpressonline.com/shared-content/art/tncms/ 3 KB
1 KB 86ms
83ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivpressonline.com/shared-content/art/tncms/tracking.js
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:00:29 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 14:38:15 GMT
age: 291
etag: W/"6183f057-a4b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1149
service-worker-allowed: /

GET
H2 200 admanager.js Show response
www.ivpressonline.com/shared-content/art/tncms-ad-manager/ 39 KB
13 KB 86ms
83ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivpressonline.com/shared-content/art/tncms-ad-manager/admanager.js
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 7ec48a60849c066e9da617d0db011a6b4d70f743d6295cabdf1c38e5e4de5fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:02:35 GMT
content-encoding: gzip
last-modified: Thu, 05 Nov 2020 15:14:31 GMT
age: 164
etag: W/"5fa416d7-9d7c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 12863
service-worker-allowed: /

GET
H2 200 impressions.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/ads/ 140 B
185 B 122ms
120ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/ads/impressions.js?_dc=1636445113.temp

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b82045cb509889df5348ca3e5ec5fbf2fd5ef05a078f09250995a55e299542b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 6ab5e0f518372bad-FRA
last-modified: Tue, 09 Nov 2021 08:05:13 GMT
x-vcache: HIT
server: cloudflare
etag: W/"618a2bb9-8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 09 Nov 2022 08:10:04 GMT

GET
H2 200 traffic.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/ads/ 1 KB
899 B 115ms
112ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/ads/traffic.js?_dc=1636445113.temp

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62de8fc1fa7c72af394d07521d1a68b2138c8aca8afd021ecdeec63646446e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 6ab5e0f518382bad-FRA
last-modified: Tue, 09 Nov 2021 08:05:13 GMT
x-vcache: HIT
server: cloudflare
etag: W/"618a2bb9-5fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 09 Nov 2022 08:10:04 GMT

GET
H2 200 settings.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/ads/ 2 KB
489 B 19ms
17ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/ads/settings.js?_dc=1533917564

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8aa3b08fc4674f7e4e9a77dd76dbc31ab395915286bbeb69805e03537cdbe01

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 17263229
cf-ray: 6ab5e0f518392bad-FRA
last-modified: Fri, 10 Aug 2018 16:12:44 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5b6db97c-62d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 23 Apr 2022 00:48:14 GMT

GET
H2 200 ie.grid.placement.8d31e32afeebe4520bfab9638ef91435.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 2 KB
871 B 31ms
27ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ie.grid.placement.8d31e32afeebe4520bfab9638ef91435.js

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffe3e81abfe1b82b22c0afec5ceb1400456a6c4d6ecec4f94ef6f5da1e74e666

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6678468
cf-ray: 6ab5e0f70b5e2bad-FRA
last-modified: Mon, 07 Jan 2019 16:40:30 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5c3380fe-754"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 15:56:46 GMT

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
248 B 31ms
30ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6678470
cf-ray: 6ab5e0f5183c2bad-FRA
last-modified: Fri, 16 Apr 2021 14:04:15 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6079995f-c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 23 Apr 2022 00:48:14 GMT

GET
H2 200 fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 253 KB
91 KB 32ms
27ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1237721
cf-ray: 6ab5e0f70b602bad-FRA
last-modified: Wed, 25 Aug 2021 16:36:45 GMT
x-vcache: HIT
server: cloudflare
etag: W/"6126719d-3f553"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 31 Aug 2022 19:03:53 GMT

GET
H2 200 load_tags.js Show response
pymx5.com/scripts/ 9 KB
9 KB 65ms
9ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/load_tags.js
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:59:16 GMT
age: 364
x-guploader-uploadid: ADPycdsYOsKqGNW6Fnq3bOwX-imrkh5-evC0y-r9b11ZzV-xlLKeU7y1OcXYYhk323VRmVq-mHWLb7V5Rls5ZnSUS8fzNn_Cew
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 8946
last-modified: Tue, 12 Oct 2021 11:44:47 GMT
server: UploadServer
etag: "f6b06694767e707999eecbe9538b403a"
x-goog-hash: crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation: 1634039087734790
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 8946
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 09 Nov 2021 09:59:16 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 387 KB
113 KB 82ms
27ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 225d2e82e0609fd8ea6f41b4596631e2eb125c4ee951202b94ea31af75585413

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:20 GMT
Content-Encoding: gzip
x-amz-request-id: GJH56RG3SPSEW4GB
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: fWYmj505ft2pskqu67knzP7wtygpjgVMV9QKfTwl1jAm62odXGVTN6O3gtPimLrgvF416UIGy0g=
Last-Modified: Tue, 02 Nov 2021 18:26:48 GMT
Server: AmazonS3
ETag: "9697906b98187396c26c1e3a90819f66"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 tracker.js Show response
www.ivpressonline.com/shared-content/art/stats/common/ 9 KB
3 KB 83ms
83ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivpressonline.com/shared-content/art/stats/common/tracker.js
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:02:11 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 19:09:11 GMT
age: 188
etag: W/"60b928d7-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H/1.1 200
OK embedcode.php Show response
embed.sendtonews.com/player2/ 81 KB
26 KB 526ms
207ms Script
application/javascript 50.17.208.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player2/embedcode.php?fk=5b3IdoCM&cid=12120&SIZE=400&floatwidth=425
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.208.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-208-58.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 70a794340737b2799b56919e27e430ba9c576b8484e8d93f6c3972f60b423f04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:20 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 26263
Expires: Tue, 09 Nov 2021 10:05:20 GMT

GET
H2 200 embed.js Show response
widget.secure.ownlocal.com/ 6 KB
6 KB 414ms
116ms Script
application/javascript 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.secure.ownlocal.com/embed.js?uuid=9de66d66-4976-48ff-b565-d4d34f3d3134&?h=600&min_featured_level=0&category=all&subcategory=all&days_ago=30

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

232.77.96.34.bc.googleusercontent.com

Software

nginx/1.17.2 /

Resource Hash

43ee53d296fca70608f19eeda6e438cc099816e1c258e220a408ece7f67d7b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
via: 1.1 google
last-modified: Fri, 29 Oct 2021 23:56:19 GMT
server: nginx/1.17.2
vary: Origin
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 5742

GET
H2 200 iccovid.jpg
www.ivpressonline.com/app/art/ 16 KB
16 KB 89ms
85ms Image
image/jpeg 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ivpressonline.com/app/art/iccovid.jpg?ivpid=adrefresh
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: be5689f0239ead97ff18d82b5540700dee8b757a57937fa54d59d8278111ae50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:02:35 GMT
last-modified: Sat, 04 Apr 2020 05:54:46 GMT
age: 164
etag: "5e882126-40e9"
x-vcache: HIT
content-type: image/jpeg
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 16617

GET
H2 200 niesignupformlink.jpg
www.ivpressonline.com/app/art/ 34 KB
35 KB 87ms
84ms Image
image/jpeg 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ivpressonline.com/app/art/niesignupformlink.jpg
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 484cde3921913e7b956c9bbb0e78e27db0da78bb5b3e51eb5c148aa88bbd96da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:02:36 GMT
last-modified: Mon, 05 Mar 2018 21:57:21 GMT
age: 164
etag: "5a9dbd41-89af"
x-vcache: HIT
content-type: image/jpeg
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 35247

GET
H2

200

evvnt_discovery_plugin_s.js Show response
discovery.evvnt.com/prd/current/
Redirect Chain

https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js

515 KB
515 KB

178ms
15ms

Script
application/javascript

2600:9000:20eb:9000:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Server: 2600:9000:20eb:9000:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35723694d7d1f70e33125469a3b45d97364d5f253f41d730cd2e598ef79da70d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 02:26:53 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Thu, 04 Nov 2021 18:59:05 GMT
server: AmazonS3
age: 23907
etag: "361dfe48faf32bcab68638fce40d0885"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 526870
x-amz-cf-id: osZI880MC-e0m7ttR_wgF2bfU3qffrQXxDpnl7S3rOkcXAoRjvaiKw==

Redirect headers

Date: Tue, 09 Nov 2021 09:05:20 GMT
Via: 1.1 varnish
Server: Varnish
X-Timer: S1636448721.541867,VS0,VE0
X-Served-By: cache-fra19182-FRA
X-Cache: HIT
Location: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H2 200 embed-widget-market-overview.js Show response
s3.tradingview.com/external-embedding/ 11 KB
11 KB 71ms
9ms Script
text/javascript 13.224.186.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-market-overview.js
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e125e3760778156c5d10a0aa1d97e056b9fdc66d6c907a59d8627158e83c3db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:05:04 GMT
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 10:04:54 GMT
server: AmazonS3
age: 82817
etag: "66cbd4465fa2c7279be06b3e5b1d87a3"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10822
x-amz-cf-id: W8wqWHBJq5AGZDH2DZC9Ay4OBjaQ0Ex-hmMTEVK7dUhadfv6Y2PkRg==

GET
H2 200 adelantevallebottom.jpg
www.ivpressonline.com/app/art/site_graphics/ 17 KB
17 KB 88ms
86ms Image
image/jpeg 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ivpressonline.com/app/art/site_graphics/adelantevallebottom.jpg
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 80911df7dcf2e2763e6fa09fe379b2478a74cc43edd3c4f5ab4c025b008f901a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:57:08 GMT
last-modified: Thu, 19 Jan 2017 18:19:45 GMT
age: 492
etag: "58810341-425a"
x-vcache: HIT
content-type: image/jpeg
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 16986

GET
H2 200 valleywomenbottomlogo.jpg
www.ivpressonline.com/app/art/site_graphics/ 13 KB
13 KB 87ms
86ms Image
image/jpeg 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ivpressonline.com/app/art/site_graphics/valleywomenbottomlogo.jpg
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 2997eccf5a672d24169a4135a230358e193bb6596942ffb194b58c7f18069b8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:57:08 GMT
last-modified: Thu, 19 Jan 2017 18:20:31 GMT
age: 492
etag: "5881036f-3276"
x-vcache: HIT
content-type: image/jpeg
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 12918

GET
H2 200 greenwhitesheetbottom.jpg
www.ivpressonline.com/app/art/site_graphics/ 20 KB
20 KB 88ms
87ms Image
image/jpeg 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ivpressonline.com/app/art/site_graphics/greenwhitesheetbottom.jpg
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d94f39a95c4bb5cdc047e37535eab9c019fd7ee4e0ce40163bc2ee241eb2bf5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:57:08 GMT
last-modified: Thu, 19 Jan 2017 18:20:01 GMT
age: 492
etag: "58810351-4e10"
x-vcache: HIT
content-type: image/jpeg
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 19984

GET
H2 200 tnt.ads.wallpaper.4566675f015f64f2a536e0f9f0611e13.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 470 B
397 B 18ms
13ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.wallpaper.4566675f015f64f2a536e0f9f0611e13.js

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

236d32649a6a56afe4dd11c53e65983f81564acd982005f61e8931147488ae93

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 964720
cf-ray: 6ab5e0f70b542bad-FRA
last-modified: Fri, 23 Oct 2020 13:08:25 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5f92d5c9-1d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 04 Nov 2021 10:34:38 GMT

GET
H2 200 maillist_signup.deacc71a82fe583ccc361b42498ff614.js Show response
bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 4 KB
1 KB 24ms
19ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/maillist_signup.deacc71a82fe583ccc361b42498ff614.js

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d13f3ca71d7f8936fa6132de0d7b79b479d0eb9615df43fde4f31b2d43c79fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1211166
cf-ray: 6ab5e0f70b5a2bad-FRA
last-modified: Fri, 16 Apr 2021 14:03:21 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60799929-fe1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 23 Apr 2022 00:48:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
60 KB 71ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d398fc3a8582a47fcdeb03635707786a223d1e90c691f5b8f6cd5e729b34c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61127
x-xss-protection: 0
expires: Tue, 09 Nov 2021 09:05:20 GMT

GET
H2 200 b-7b120a5-e6d21384.js Show response
tagan.adlightning.com/townnews/ 73 KB
28 KB 11ms
10ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 05:53:24 GMT
content-encoding: gzip
age: 5886717
x-cache: Hit from cloudfront
content-length: 28181
x-amz-meta-git_commit: 7b120a5
last-modified: Tue, 03 Aug 2021 18:05:42 GMT
server: AmazonS3
etag: "1bd25d5a0b3f617a7b96bfd3148d7cb9"
x-amz-version-id: TCazak92uXLsB7S2fwnGUUKnJeDNkgd8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 7AAbg2WjlIpxpJJoJbG0_zBlqsARw1WNmXI1boSEJS5kU1vU8mM3JA==

GET
H2 200 bl-f821a95-d0fa73f5.js Show response
tagan.adlightning.com/townnews/ 51 KB
22 KB 12ms
11ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92e4cd8f6651f2914c5ef95e02ebf636c63353bc3fd932f412b4661c71e7517c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:18 GMT
content-encoding: gzip
age: 123
x-cache: Hit from cloudfront
content-length: 22132
x-amz-meta-git_commit: f821a95
last-modified: Tue, 09 Nov 2021 08:05:25 GMT
server: AmazonS3
etag: "a5fdb3b91a2fedfa68147328f2eb48d4"
x-amz-version-id: ffb0KDr03ymuhahCcYB_0hrJDjRjGqij
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: vXjd876zbb1uX82h3B-zNyLFUjow8wuazswk3H1LygzgxccZ0k0pDw==

GET
H2 200 / Show response
www.ivpressonline.com/_services/v1/client_ip_info/ 79 B
181 B 83ms
83ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivpressonline.com/_services/v1/client_ip_info/
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d2ff840fef9f3ca193c2aaff44980269c4cfae8a905c6b994790444519c0b368

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 79
content-type: application/json

GET
H2 200 dust.png
www.ivpressonline.com/content/tncms/live/global/resources/images/_site/ 23 KB
23 KB 143ms
143ms Image
image/png 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ivpressonline.com/content/tncms/live/global/resources/images/_site/dust.png
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 872d1c632a2411cd74430a525e538f4348fe0e8307ffb9010282a82a957d4a2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:02:39 GMT
last-modified: Thu, 11 Jan 2018 18:51:04 GMT
age: 161
etag: "5a57b218-5ad9"
x-vcache: HIT
content-type: image/png
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 23257

GET
H2 403 tracker.gif
www.ivpressonline.com/shared-content/art/stats/common/ 0
48 B 155ms
142ms Image
text/plain 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ivpressonline.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1636448720105160012001532151474815&tnms_dt=ivpressonline.com%20%7C%20Your%20news%2C%20our%20passion.%20%7C%20Imperial%20Valley%20Press%20Online&tnms_upage=1&tnms_do=www.ivpressonline.com&tnms_uri=/&tnms_ref=&rt=1636448720114
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-length: 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 49ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Open+Sans:400,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ivpressonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 42803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 21:11:57 GMT

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 e7363bb8-de02-11e8-92a7-c364b0f7ddf7.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/custom/image/ 10 KB
10 KB 18ms
18ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/custom/image/e7363bb8-de02-11e8-92a7-c364b0f7ddf7.jpg?resize=300%2C168

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fa2a0d4c1af0c005d7123c36321950270637b976fb8d6ac7e103d3c70f0c02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
cf-cache-status: HIT
age: 964720
last-modified: Thu, 01 Nov 2018 18:21:08 GMT
strict-transport-security: max-age=604800
content-length: 10215
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "317dd4e3da152291f49c6e783a40d3bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 25 May 2022 16:31:25 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab5e0f7bc6e2bad-FRA
cf-bgj: h2pri

GET
H2 200 pressreader.php Show response
www.ivpressonline.com/app/ Frame 96CF 1 KB
853 B 84ms
83ms Document
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivpressonline.com/app/pressreader.php?ivpid=refresh
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 434d4db25756da97aa600da947c206517beaa96d4a4d4fa5b681d3531086220a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

date: Tue, 09 Nov 2021 09:02:39 GMT
content-type: text/html; charset=UTF-8
x-loop: 1
content-encoding: gzip
vary: Accept-Encoding
age: 161
x-vcache: HIT
accept-ranges: bytes
content-length: 713

GET
H2 200 10 Show response
yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/ Frame 1709 57 KB
8 KB 338ms
107ms Document
text/html 52.3.82.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.82.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-82-27.compute-1.amazonaws.com

Software

Apache /

Resource Hash

02afb851366af6a34f39ad3b7a986517fe0071e4b55181661a37f13e4d804dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
content-type: text/html; charset=UTF-8
content-length: 8021
server: Apache
x-content-type-options: nosniff nosniff
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
x-varnish: 246350521 246349347
age: 49
via: 1.1 varnish
x-varnish-cache: HIT

GET
H2 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 21ms
20ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 09:05:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 124 B
127 B 31ms
16ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ivpressonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

dbd891809f2d01dbf88e24fbafb8edad1857256bdbf339cb8d3782fc22bf9336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102
x-xss-protection: 0
expires: Tue, 09 Nov 2021 09:05:20 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 434 B
705 B 312ms
100ms Script
text/javascript 3.217.216.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.ivpressonline.com%2F&ntv_mvi
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-216-1.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 2bc8f9223c8122e13f990143c9bac465ddf26dd65e18d33bef5cb11552df9541

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:20 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 289
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 orange.png
www.ivpressonline.com/content/tncms/live/global/resources/images/_site/ 3 KB
3 KB 87ms
78ms Image
image/png 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ivpressonline.com/content/tncms/live/global/resources/images/_site/orange.png
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 52eb360e2e064f736f98b74928e0978eb1665f6ba9afc443530c6d8c9660398c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:02:39 GMT
last-modified: Thu, 11 Jan 2018 19:26:59 GMT
age: 161
etag: "5a57ba83-af8"
x-vcache: HIT
content-type: image/png
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 2808

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Open+Sans:400,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ivpressonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 17:55:21 GMT
x-content-type-options: nosniff
age: 54599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 17:55:21 GMT

GET
H2 200 load_optional_tags Show response
api.pymx5.com/v1/sites/ 0
718 B 178ms
111ms Script
text/html 34.96.74.203
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pymx5.com/v1/sites/load_optional_tags

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

203.74.96.34.bc.googleusercontent.com

Software

nginx/1.13.7 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:20 GMT
via: 1.1 google
server: nginx/1.13.7
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 60ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3886
date: Tue, 09 Nov 2021 08:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Nov 2021 10:00:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
34 KB 322ms
21ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c14282fe6e383dc0f561d1406699717354e183b5256507d00cc770e8e3a7d6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34838
x-xss-protection: 0
expires: Tue, 09 Nov 2021 09:05:21 GMT

GET
H2 200 / Show response
player.sendtonews.com/version/ 207 B
565 B 41ms
10ms Script
application/javascript 13.225.78.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/version/?jsonp
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player2/embedcode.php?fk=5b3IdoCM&cid=12120&SIZE=400&floatwidth=425
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-37.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 63c532c87ea8dcea9132f76536342b6b2cefcf2804dd3e32c475329b2e6322b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:42 GMT
content-encoding: gzip
server: Apache
age: 99
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600, no-cache="set-cookie"
x-amz-cf-pop: FRA2-C2
content-length: 180
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-amz-cf-id: 4HsrlsG_LuWA9M69MQMXdwkjnFWDX7QTw_9HrgvcNoTxzmmPn2Giuw==
expires: Tue, 09 Nov 2021 09:13:42 GMT

GET
H2 200 618757b061b81.image.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/3/54/354a1e1a-3f84-11ec-a4d6-937fe2ca3134/ 42 KB
42 KB 21ms
16ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/3/54/354a1e1a-3f84-11ec-a4d6-937fe2ca3134/618757b061b81.image.jpg?resize=640%2C427

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b413ad609477ce49010787e45a510e49f64bff990ae2430f601cbe1b583360b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 43948
last-modified: Sun, 07 Nov 2021 04:36:00 GMT
cf-bgj: h2pri
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "8a2715e5812e08c72141c99e5976ebb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ab5e0fa88fa2bad-FRA
expires: Tue, 08 Nov 2022 19:13:03 GMT

GET
H2 200 6188a5d6b5e49.image.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/c/fd/cfde67a8-404a-11ec-970f-6fd7f106002d/ 14 KB
14 KB 23ms
20ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/c/fd/cfde67a8-404a-11ec-970f-6fd7f106002d/6188a5d6b5e49.image.jpg?resize=300%2C225

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5038731a27411c5a16d3a739729c2d1aea41d51b9563cf9962d727645ae88039

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 43948
last-modified: Mon, 08 Nov 2021 04:21:43 GMT
cf-bgj: h2pri
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "c0aef7a0e7a383cd0daa3133a563d743"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ab5e0fa88fc2bad-FRA
expires: Tue, 08 Nov 2022 08:45:50 GMT

GET
H2 200 61886b868a61c.image.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/6/53/653b2796-4028-11ec-96b9-a7dcd7b82c5c/ 6 KB
6 KB 17ms
14ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/6/53/653b2796-4028-11ec-96b9-a7dcd7b82c5c/61886b868a61c.image.jpg?resize=300%2C197

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e2c3f1e2de355bf301f703cef723683a2d5950d99055a19ab46aa1c7126184

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 43948
last-modified: Mon, 08 Nov 2021 00:12:56 GMT
cf-bgj: h2pri
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "74b9532ef411a39a1cb683ec81944fc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ab5e0fa88fe2bad-FRA
expires: Tue, 08 Nov 2022 08:39:16 GMT

GET
H2 200 6188aafca3240.image.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/3/f9/3f94e920-404e-11ec-a3ce-f7ffa2ce2198/ 10 KB
10 KB 20ms
18ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/3/f9/3f94e920-404e-11ec-a3ce-f7ffa2ce2198/6188aafca3240.image.jpg?resize=300%2C240

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f695f2b830f4b69ae5d83f2a4517406ae1eb98116a1331b3cb80db8e8903f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 87912
last-modified: Mon, 08 Nov 2021 04:43:41 GMT
cf-bgj: h2pri
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "1494c67ed5226873ffcaf93b403f3c46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ab5e0fa88ff2bad-FRA
expires: Tue, 08 Nov 2022 08:39:16 GMT

GET
H2 200 61886cb4805e5.image.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/4/5d/45de2da2-4029-11ec-884a-7f390c232fef/ 16 KB
16 KB 19ms
17ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/4/5d/45de2da2-4029-11ec-884a-7f390c232fef/61886cb4805e5.image.jpg?resize=300%2C287

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f60f12191feafa6f59149b1d96aacad277e0ae54349122f680fbe2c4e1b4f92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 87912
last-modified: Mon, 08 Nov 2021 00:17:56 GMT
cf-bgj: h2pri
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "c8ca51c97e2ec4b25048b3eb640eca3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ab5e0fa89012bad-FRA
expires: Tue, 08 Nov 2022 08:39:16 GMT

GET
H2 200 tracker.js Show response
www.ivpressonline.com/shared-content/art/stats/common/ Frame 96CF 9 KB
3 KB 85ms
83ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivpressonline.com/shared-content/art/stats/common/tracker.js
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/app/pressreader.php?ivpid=refresh
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/app/pressreader.php?ivpid=refresh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:02:11 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 19:09:11 GMT
age: 189
etag: W/"60b928d7-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 getimage.aspx
cdn-img.pressreader.com/pressdisplay/docserver/ Frame 96CF 50 KB
50 KB 1138ms
733ms Image
image/jpeg 2.16.186.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-img.pressreader.com/pressdisplay/docserver/getimage.aspx?file=9gmu2021110800000000001001&page=1&scale=30&ver=3
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/app/pressreader.php?ivpid=refresh
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-232.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: f7c6374ee30be6b88d8369853f1d03b6f0f450f59b09c2dc515fb0985d356694

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
last-modified: Mon, 08 Nov 2021 13:17:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
ws: 7
content-type: image/jpeg
cache-control: public, no-transform, max-age=2520719
wc: d5
content-length: 51200
expires: Wed, 08 Dec 2021 13:17:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 39ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ivpressonline.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 45ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ivpressonline.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 209 KB
26 KB 118ms
117ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2732810371971083&correlator=695721678091718&output=ldjh&impl=fifs&eid=31063205%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=22212960%2Civpressonline.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F%2F2%2C%2F0%2F1%2F%2F2%2C%2F0%2F1%2F%2F2%2C%2F0%2F1%2F%2F2%2C%2F0%2F1%2F%2F2%2C%2F0%2F1%2F%2F2%2C%2F0%2F1%2F%2F2%2C%2F0%2F1%2F%2F2%2C%2F0%2F1%2F%2F2&prev_iu_szs=2x1%2C728x90%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C359x40%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%7C970x90%7C970x250%2C1x1&prev_scp=pos%3Dfixed-impact-top%2Catf%7Cpos%3Datf%7Cpos%3Dfixed-leaderboard-top%2Catf%7Cpos%3Dfixed-big-ad-top%2Catf%7Cpos%3Datf%7Cpos%3Dfixed-big-ad-middle%2Cstf%7Cpos%3Dfixed-big-ad-bottom%2Cbtf%7Cpos%3Dfixed-leaderboard-bottom%2Cbtf%7Cpos%3Dfixed-impact-bottom%2Cbtf&cust_params=browser%3DChrome%26k%3Dimperial%2520valley%2520press%2520online%26page%3Dhomepage%252Capp-editorial&cookie_enabled=1&bc=31&abxe=1&lmt=1636445146&dt=1636448720773&dlt=1636448719744&idt=988&frm=20&biw=1600&bih=1200&oid=2&adxs=799%2C511%2C-12245933%2C1039%2C-9%2C-9%2C-9%2C-9%2C-9&adys=0%2C100%2C-12245933%2C799%2C-9%2C-9%2C-9%2C-9%2C-9&adks=1415504252%2C1696859982%2C2148882824%2C1676280003%2C2768642053%2C498466459%2C3069314633%2C1878586016%2C4248940287&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ivpressonline.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1%7C858x90%7C1584x1%7C359x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=1600x1%7C858x90%7C728x90%7C359x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1750995675.1636448721&ga_sid=1636448721&ga_hid=532836516&ga_fc=false&fws=4%2C4%2C132%2C4%2C2%2C2%2C2%2C2%2C2&ohw=1600%2C1600%2C1600%2C1600%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C-1%7C0%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f5be8b92b29c52a5bea3d797b32b39d52b77f318cf29065126d13e011146fbb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26684
x-xss-protection: 0
google-lineitem-id: -2,5825278062,5824496610,5206066773,4915347004,5206066773,5206066773,5206066773,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138370347970,138369746444,138292350097,138256629768,138292070081,138292350112,138292071110,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ivpressonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bfa5bbb6ca60f122bbb83a79f683da35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FDA7 6 KB
4 KB 54ms
16ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bfa5bbb6ca60f122bbb83a79f683da35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 09:05:21 GMT
expires: Wed, 09 Nov 2022 09:05:21 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 9de66d66-4976-48ff-b565-d4d34f3d3134 Show response
widget.secure.ownlocal.com/embed/ 19 KB
20 KB 23ms
8ms XHR
text/html 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.secure.ownlocal.com/embed/9de66d66-4976-48ff-b565-d4d34f3d3134?&min_featured_level=0&category=all&subcategory=all&business_centric=true&days_ago=30

Requested by

Host: widget.secure.ownlocal.com
URL: https://widget.secure.ownlocal.com/embed.js?uuid=9de66d66-4976-48ff-b565-d4d34f3d3134&?h=600&min_featured_level=0&category=all&subcategory=all&days_ago=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

232.77.96.34.bc.googleusercontent.com

Software

nginx/1.17.2 /

Resource Hash

a1acb4756534546c8950f578fad2a9c92ab61fca9b409eae59fc825b75adb595

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:48:35 GMT
via: 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 1006
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 19728
x-xss-protection: 1; mode=block
x-request-id: 06acd09a-89e4-41c3-8e6b-f3bbef489322
x-runtime: 0.032326
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.17.2
x-frame-options: ALLOWALL
etag: W/"a1acb4756534546c8950f578fad2a9c9"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Origin
cache-control: public, s-maxage=14400, s-maxage=3600
permissions-policy
content-security-policy
access-control-expose-headers

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 26ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=11815
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: 541CA3CB462144FD
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=15318
accept-ranges: bytes
content-length: 55696
x-amz-id-2: WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 100ms
98ms Image
image/gif 3.217.216.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=7143802&ntv_pl=1043892
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-216-1.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:21 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
536 B 58ms
30ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ivpressonline.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 player.js Show response
player.sendtonews.com/player7/player/65.21.7/ Frame 3E06 239 KB
72 KB 34ms
11ms Script
application/javascript 13.225.78.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player2/embedcode.php?fk=5b3IdoCM&cid=12120&SIZE=400&floatwidth=425
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-37.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 1f57283f1effa064246ba12189917ca27257218dc007962791c399a067753a69

Request headers

Referer: https://www.ivpressonline.com/
Origin: https://www.ivpressonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:04:49 GMT
content-encoding: gzip
age: 32
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 01:34:19 GMT
server: Apache
etag: "3bdb4-5cfec867b1cc0-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
cache-control: max-age=3600, no-cache="set-cookie"
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-amz-cf-id: V67f_XiQkl0F4S4Jac8qXzJsetOnlhXnawI7ETbETBe8VUb7B0-dMA==
expires: Tue, 09 Nov 2021 10:04:49 GMT

GET
H2 403 tracker.gif
www.ivpressonline.com/shared-content/art/stats/common/ Frame 96CF 0
48 B 83ms
83ms Image
text/plain 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ivpressonline.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vpuri=/&tnms_vplen=0&tnms_vt=0&tnms_vid=1636448720105160012001532151474815&tnms_pdt=ivpressonline.com%20%7C%20Your%20news%2C%20our%20passion.%20%7C%20Imperial%20Valley%20Press%20Online&tnms_dt=Untitled%20Document&tnms_upage=1&tnms_do=www.ivpressonline.com&tnms_uri=/app/pressreader.php%3Fivpid%3Drefresh&tnms_ref=https%3A//www.ivpressonline.com/&rt=1636448720892
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/app/pressreader.php?ivpid=refresh
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/app/pressreader.php?ivpid=refresh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
content-length: 0

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
465 B 40ms
13ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ivpressonline.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3D03 11 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06c4cf51e21b3c2fc932ac10219f1b2e27d6387d7db1dc4665506325ecd6b9c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 6188738be49c5.image.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/1/74/174370c0-402d-11ec-915c-9f98b7365357/ 12 KB
12 KB 20ms
19ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/1/74/174370c0-402d-11ec-915c-9f98b7365357/6188738be49c5.image.jpg?crop=334%2C251%2C0%2C193&resize=300%2C225&order=crop%2Cresize

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccede6178ee9ff1246a2198c756e6a52cac10a731deec4ee18eda81d241bcb8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
cf-cache-status: HIT
age: 43948
last-modified: Mon, 08 Nov 2021 00:47:07 GMT
strict-transport-security: max-age=604800
content-length: 12177
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "8d74c986306f240610e9db8ca4dceb25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 08 Nov 2022 19:13:05 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab5e0fc4c052bad-FRA
cf-bgj: h2pri

GET
H2 200 61875c88238e0.image.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/b/e2/be2a8646-3f86-11ec-a71d-d7111850dc88/ 16 KB
16 KB 15ms
14ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/b/e2/be2a8646-3f86-11ec-a71d-d7111850dc88/61875c88238e0.image.jpg?crop=1567%2C1175%2C98%2C0&resize=300%2C225&order=crop%2Cresize

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7f021001451b555e009a3b13d67257f8af9fd27a3965add14f2df508ecc4591

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 87912
last-modified: Sun, 07 Nov 2021 04:56:44 GMT
cf-bgj: h2pri
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "e920193a9a9b9557fbeef5c7d77c6391"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ab5e0fc4c092bad-FRA
expires: Tue, 08 Nov 2022 08:39:16 GMT

GET
H2 200 618734b98b733.image.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/d/9d/d9d2abc0-3f6e-11ec-bf44-4b8f13f5fe6a/ 20 KB
20 KB 20ms
19ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/d/9d/d9d2abc0-3f6e-11ec-bf44-4b8f13f5fe6a/618734b98b733.image.jpg?crop=1333%2C1000%2C83%2C0&resize=300%2C225&order=crop%2Cresize

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45ec55bd4a377302bf3feb709fdb93b9fc194ab2a773ad943478119849f1f161

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 87912
last-modified: Sun, 07 Nov 2021 02:06:50 GMT
cf-bgj: h2pri
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "50b034db402c9d879b3b8c7ac730af94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ab5e0fc4c0a2bad-FRA
expires: Tue, 08 Nov 2022 08:39:16 GMT

GET
H2 200 5d8f03a0-73a6-11ea-adde-1bacb4398da0.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/custom/image/ 7 KB
7 KB 16ms
15ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/custom/image/5d8f03a0-73a6-11ea-adde-1bacb4398da0.jpg?resize=150%2C100

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fbfddc47cb9911b7a5e9c519c314c9129b03e82504e1815ae3f1afbd4a58b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
cf-cache-status: HIT
age: 9409516
last-modified: Tue, 31 Mar 2020 23:21:35 GMT
strict-transport-security: max-age=604800
content-length: 6891
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "28adf0751511d7b857d425dee9d566c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 18 Jun 2022 01:54:49 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab5e0fc4c0f2bad-FRA
cf-bgj: h2pri

GET
H2 200 bl-f821a95-d0fa73f5.js Show response
tagan.adlightning.com/townnews/ Frame BCCA 51 KB
22 KB 12ms
12ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92e4cd8f6651f2914c5ef95e02ebf636c63353bc3fd932f412b4661c71e7517c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:18 GMT
content-encoding: gzip
age: 124
x-cache: Hit from cloudfront
content-length: 22132
x-amz-meta-git_commit: f821a95
last-modified: Tue, 09 Nov 2021 08:05:25 GMT
server: AmazonS3
etag: "a5fdb3b91a2fedfa68147328f2eb48d4"
x-amz-version-id: ffb0KDr03ymuhahCcYB_0hrJDjRjGqij
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: dEEEXupeLDsxHQ0JHFcCM07IDGq6s929bF8FSYRpNPNthTfhA8eBWA==

GET
H2 200 b-7b120a5-e6d21384.js Show response
tagan.adlightning.com/townnews/ Frame BCCA 73 KB
28 KB 10ms
10ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 05:53:24 GMT
content-encoding: gzip
age: 5886718
x-cache: Hit from cloudfront
content-length: 28181
x-amz-meta-git_commit: 7b120a5
last-modified: Tue, 03 Aug 2021 18:05:42 GMT
server: AmazonS3
etag: "1bd25d5a0b3f617a7b96bfd3148d7cb9"
x-amz-version-id: TCazak92uXLsB7S2fwnGUUKnJeDNkgd8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 83uwJ7WjAEv7Uolfzsrui4NrYRJ5N_hdPZhN19HYifJXJC2t2pbgMg==

GET
H2 200 18225684764135805265
tpc.googlesyndication.com/simgad/ Frame BCCA 29 KB
30 KB 41ms
14ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18225684764135805265

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb615c15fbd11a27f2e696b5c47337babd4b1bb7e5abf76b8495ffbbc5f9772d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 07:39:10 GMT
x-content-type-options: nosniff
age: 264371
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29958
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 17:46:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Nov 2022 07:39:10 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame BCCA 19 KB
8 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:56:56 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame BCCA 3 KB
2 KB 40ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 09:03:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BCCA 0
0 42ms
15ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHIlDT87a39bua7bY56WFMkDIZTOKB7rjKvL0RJTHxfDIo2WNn-UKlQfXfNNtL_DI9PY-YyqHRuwqoVHCPi-Xbx_-RXA
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCCA 121 KB
38 KB 45ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 09:05:21 GMT

GET
H2 200 friends2follow_socialstack.min.css
yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1709 70 KB
10 KB 209ms
206ms Stylesheet
text/css 52.3.82.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20210819

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.82.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-82-27.compute-1.amazonaws.com

Software

Apache /

Resource Hash

7b3c089fc040b1517f0a6487d17e2e37325c33fdefd672cd0077be52c0987091

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 20:39:32 GMT
server: Apache
age: 417
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=1209600
x-varnish: 413501681 413490829
accept-ranges: bytes
content-length: 10125
expires: Tue, 23 Nov 2021 08:58:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1709 5 KB
757 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 08:54:53 GMT
server: ESF
date: Tue, 09 Nov 2021 09:05:21 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 09 Nov 2021 09:05:21 GMT

GET
H2 200 jquery.min.js Show response
yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1709 91 KB
33 KB 107ms
105ms Script
application/javascript 52.3.82.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210819

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.82.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-82-27.compute-1.amazonaws.com

Software

Apache /

Resource Hash

de71fa7acfd31b2b19a4ee556a3772b9c6fe285606ba65830037a3e0670c3bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 26 May 2018 17:40:47 GMT
server: Apache
age: 63
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=1209600
x-varnish: 246350533 246349083
accept-ranges: bytes
content-length: 33080
expires: Tue, 23 Nov 2021 09:04:18 GMT

GET
H2 200 friends2follow_tracking.min.js Show response
tracking.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1709 6 KB
2 KB 309ms
297ms Script
application/javascript 52.3.82.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_tracking.min.js?v=20210819

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.82.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-82-27.compute-1.amazonaws.com

Software

Apache /

Resource Hash

f43581454cc4d007baf49f3103c8b754302a7ce5a097f1ef6648a7d1fab3d73e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 20:39:32 GMT
server: Apache
age: 55
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=1209600
x-varnish: 246350535 246349264
accept-ranges: bytes
content-length: 1605
expires: Tue, 23 Nov 2021 09:04:26 GMT

GET
H2 200 friends2follow_antifraud.min.js Show response
antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1709 35 KB
11 KB 309ms
298ms Script
application/javascript 52.3.82.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_antifraud.min.js?v=20210819

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.82.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-82-27.compute-1.amazonaws.com

Software

Apache /

Resource Hash

35344c8fadf8cc7e65b9adc5e6f8a6ebaa48548dc006d8066052775b3e209310

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Dec 2019 16:40:28 GMT
server: Apache
age: 55
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=1209600
x-varnish: 413501683 413500412
accept-ranges: bytes
content-length: 10755
expires: Tue, 23 Nov 2021 09:04:26 GMT

GET
H2 200 friends2follow_socialstack.min.js Show response
yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1709 96 KB
31 KB 208ms
207ms Script
application/javascript 52.3.82.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.js?v=20210819

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.82.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-82-27.compute-1.amazonaws.com

Software

Apache /

Resource Hash

c72048d0852c015fe512c31a836d82eb13b539fd1e37e00400312ea330f5e39a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 20:39:32 GMT
server: Apache
age: 542
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=1209600
x-varnish: 413501682 413487907
accept-ranges: bytes
content-length: 31132
expires: Tue, 23 Nov 2021 08:56:20 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
443 B 44ms
15ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54716522-7&cid=1750995675.1636448721&jid=53926023&gjid=751137409&_gid=1694545836.1636448721&_u=YChAgUABAAQCAE~&z=1938676664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 09 Nov 2021 09:05:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.ivpressonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
148 B 14ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=532836516&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ivpressonline.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=ivpressonline.com%20%7C%20Your%20news%2C%20our%20passion.%20%7C%20Imperial%20Valley%20Press%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjAAUABAAQCAG~&jid=2130823258&gjid=873526741&cid=1750995675.1636448721&tid=UA-40003229-3&_gid=1694545836.1636448721&_r=1&gtm=2wgb80PDQV3N&z=1348202628

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ivpressonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=532836516&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ivpressonline.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=ivpressonline.com%20%7C%20Your%20news%2C%20our%20passion.%20%7C%20Imperial%20Valley%20Press%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgUABAAQC~&jid=53926023&gjid=751137409&cid=1750995675.1636448721&tid=UA-54716522-7&_gid=1694545836.1636448721&gtm=2wgb80PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.ivpressonline.com%2F&cd15=3.155.0&cd16=No&cd17=Page%20View&cm1=630&z=1689861185

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 15:04:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64879
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1709 103 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff716a78fce900b05ead7869e091cb310184cd91cda1358cbbcb5905918dbe38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1709 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5665f8390a5ed541cbfd66da58c3212dd18a200dc62a0bd6096e9d9cfd3da9c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1709 128 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 226072d2c12954b9e849558b9e637e5192cea9a8524ec0040e4cfa5fc883e63a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1709 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adddf67e951bdd862698d47b291241fe2c63ab0831647afb27d20eb7cc0eaa29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1709 109 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec75f5f81f8d9976ae985ba86f53f9a069e44f1ee66bc3595f97801abf582b3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1709 125 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cd4cdf86524f2db7714cae7be98840ddd007796e0abad57e999e8ccbe66fb5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1709 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f01a152d4aa0862afe02b153a2b6d69680f7f16d8f62c60182188216c59a5dec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1709 174 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28ed0e436b66326d203d34c131b22c2808c9b7eec6f97f0e9fda441d7b33b129

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pressreader.php Show response
www.ivpressonline.com/app/ Frame 8A7A 1 KB
853 B 86ms
86ms Document
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivpressonline.com/app/pressreader.php
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 434d4db25756da97aa600da947c206517beaa96d4a4d4fa5b681d3531086220a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

date: Tue, 09 Nov 2021 09:02:40 GMT
content-type: text/html; charset=UTF-8
x-loop: 1
content-encoding: gzip
vary: Accept-Encoding
age: 161
x-vcache: HIT
accept-ranges: bytes
content-length: 713

GET
H2 200 bl-f821a95-d0fa73f5.js Show response
tagan.adlightning.com/townnews/ Frame D21D 51 KB
22 KB 8ms
7ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92e4cd8f6651f2914c5ef95e02ebf636c63353bc3fd932f412b4661c71e7517c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:18 GMT
content-encoding: gzip
age: 124
x-cache: Hit from cloudfront
content-length: 22132
x-amz-meta-git_commit: f821a95
last-modified: Tue, 09 Nov 2021 08:05:25 GMT
server: AmazonS3
etag: "a5fdb3b91a2fedfa68147328f2eb48d4"
x-amz-version-id: ffb0KDr03ymuhahCcYB_0hrJDjRjGqij
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: BK5azFzTmdlWXE3RCdeyGtHOQ7Et5fF9N87KcL4SSKK2qX3AUyTzzg==

GET
H2 200 b-7b120a5-e6d21384.js Show response
tagan.adlightning.com/townnews/ Frame D21D 73 KB
28 KB 9ms
7ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 05:53:24 GMT
content-encoding: gzip
age: 5886718
x-cache: Hit from cloudfront
content-length: 28181
x-amz-meta-git_commit: 7b120a5
last-modified: Tue, 03 Aug 2021 18:05:42 GMT
server: AmazonS3
etag: "1bd25d5a0b3f617a7b96bfd3148d7cb9"
x-amz-version-id: TCazak92uXLsB7S2fwnGUUKnJeDNkgd8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: iwNgmBzvNEmgBWbwqVJnx5CzHVAcr1FiF9D6SGqLak7rmNXVulOqtg==

GET
H2 200 18332383305246661110
tpc.googlesyndication.com/simgad/ Frame D21D 99 KB
99 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18332383305246661110

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d38c0da4d418599962e31da22bdd1d8f51fc2c3bda4b08a897ab53f75ca3df5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:51:20 GMT
x-content-type-options: nosniff
age: 841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101342
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 23:25:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Nov 2022 08:51:20 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame D21D 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:56:56 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame D21D 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 09:03:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D21D 0
0 15ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThOuWiYPWOMkjMQceFhMJX8U75T19nNrTQC2RAGhjagEgFfgcMzAKsmLNnT-0nqReAtQWDQEyg7eC_7k6FZqu21aFSUA
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D21D 121 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 09:05:21 GMT

GET
H2 200 bl-f821a95-d0fa73f5.js Show response
tagan.adlightning.com/townnews/ Frame 2611 51 KB
22 KB 8ms
7ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92e4cd8f6651f2914c5ef95e02ebf636c63353bc3fd932f412b4661c71e7517c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:18 GMT
content-encoding: gzip
age: 124
x-cache: Hit from cloudfront
content-length: 22132
x-amz-meta-git_commit: f821a95
last-modified: Tue, 09 Nov 2021 08:05:25 GMT
server: AmazonS3
etag: "a5fdb3b91a2fedfa68147328f2eb48d4"
x-amz-version-id: ffb0KDr03ymuhahCcYB_0hrJDjRjGqij
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: SqSVj_J3b1kH8IyP5lXo1XZBuR12tyG_qCXh6e6rtR81GRqPTmJW2w==

GET
H2 200 b-7b120a5-e6d21384.js Show response
tagan.adlightning.com/townnews/ Frame 2611 73 KB
28 KB 8ms
8ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 05:53:24 GMT
content-encoding: gzip
age: 5886718
x-cache: Hit from cloudfront
content-length: 28181
x-amz-meta-git_commit: 7b120a5
last-modified: Tue, 03 Aug 2021 18:05:42 GMT
server: AmazonS3
etag: "1bd25d5a0b3f617a7b96bfd3148d7cb9"
x-amz-version-id: TCazak92uXLsB7S2fwnGUUKnJeDNkgd8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: WowGnKsrWzHhuL7Lvvq7hQ7PbqLxOtJKXwoI2FaFoD7ko2e-sTckDQ==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2611 79 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e050b7f1da783cce5a7be35e632698dc49ca9013802a48414f080cc861b4574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1038 / 172 of 1000 / last-modified: 1636412772"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27060
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 09:05:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2611 121 KB
37 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 09:05:21 GMT

GET
H2 200 bl-f821a95-d0fa73f5.js Show response
tagan.adlightning.com/townnews/ Frame 13A4 51 KB
22 KB 12ms
12ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92e4cd8f6651f2914c5ef95e02ebf636c63353bc3fd932f412b4661c71e7517c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:18 GMT
content-encoding: gzip
age: 125
x-cache: Hit from cloudfront
content-length: 22132
x-amz-meta-git_commit: f821a95
last-modified: Tue, 09 Nov 2021 08:05:25 GMT
server: AmazonS3
etag: "a5fdb3b91a2fedfa68147328f2eb48d4"
x-amz-version-id: ffb0KDr03ymuhahCcYB_0hrJDjRjGqij
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: YC6a49osKHneUr3BIK6rkkRbkxD09kfIAHiLnn-SKgEo2pcEidm06Q==

GET
H2 200 b-7b120a5-e6d21384.js Show response
tagan.adlightning.com/townnews/ Frame 13A4 73 KB
28 KB 12ms
11ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 05:53:24 GMT
content-encoding: gzip
age: 5886719
x-cache: Hit from cloudfront
content-length: 28181
x-amz-meta-git_commit: 7b120a5
last-modified: Tue, 03 Aug 2021 18:05:42 GMT
server: AmazonS3
etag: "1bd25d5a0b3f617a7b96bfd3148d7cb9"
x-amz-version-id: TCazak92uXLsB7S2fwnGUUKnJeDNkgd8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: A2HmBFVzxt7LS2SAsTDMtCvPPrUTosRItFQuNaPBpaUZsyuthF_dsg==

GET
H2 200 1881518959336929479
tpc.googlesyndication.com/simgad/ Frame 13A4 19 KB
19 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1881518959336929479

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

897682171454c25d32059a155b4df931eeeb48edea964dc948a464fdb94ae6f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 04:24:25 GMT
x-content-type-options: nosniff
age: 276057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19226
x-xss-protection: 0
last-modified: Wed, 09 Jan 2019 18:53:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Nov 2022 04:24:25 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 13A4 19 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:56:56 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 13A4 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 09:03:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 13A4 121 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 09:05:22 GMT

GET
H2 200 bl-f821a95-d0fa73f5.js Show response
tagan.adlightning.com/townnews/ Frame D243 51 KB
22 KB 8ms
7ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92e4cd8f6651f2914c5ef95e02ebf636c63353bc3fd932f412b4661c71e7517c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:18 GMT
content-encoding: gzip
age: 125
x-cache: Hit from cloudfront
content-length: 22132
x-amz-meta-git_commit: f821a95
last-modified: Tue, 09 Nov 2021 08:05:25 GMT
server: AmazonS3
etag: "a5fdb3b91a2fedfa68147328f2eb48d4"
x-amz-version-id: ffb0KDr03ymuhahCcYB_0hrJDjRjGqij
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: MImcHZW1luUYVUu_mC463xPUubOm8arpEn1WpcwUD8rwXwZ10l4u9A==

GET
H2 200 b-7b120a5-e6d21384.js Show response
tagan.adlightning.com/townnews/ Frame D243 73 KB
28 KB 8ms
8ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 05:53:24 GMT
content-encoding: gzip
age: 5886719
x-cache: Hit from cloudfront
content-length: 28181
x-amz-meta-git_commit: 7b120a5
last-modified: Tue, 03 Aug 2021 18:05:42 GMT
server: AmazonS3
etag: "1bd25d5a0b3f617a7b96bfd3148d7cb9"
x-amz-version-id: TCazak92uXLsB7S2fwnGUUKnJeDNkgd8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: iwYraCMkXAREnU9Ws3HT8XJoMCqWlM6Qig85YD135CeXO6fXUjCPQg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame D243 79 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400d415e25e3c2b6d990376f5b1b73e91a4ada0f82098f11b71b644773528907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1038 / 586 of 1000 / last-modified: 1636412720"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27059
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 09:05:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D243 121 KB
37 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 09:05:22 GMT

GET
H2 200 bl-f821a95-d0fa73f5.js Show response
tagan.adlightning.com/townnews/ Frame 9419 51 KB
22 KB 8ms
7ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92e4cd8f6651f2914c5ef95e02ebf636c63353bc3fd932f412b4661c71e7517c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:18 GMT
content-encoding: gzip
age: 125
x-cache: Hit from cloudfront
content-length: 22132
x-amz-meta-git_commit: f821a95
last-modified: Tue, 09 Nov 2021 08:05:25 GMT
server: AmazonS3
etag: "a5fdb3b91a2fedfa68147328f2eb48d4"
x-amz-version-id: ffb0KDr03ymuhahCcYB_0hrJDjRjGqij
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: -Ih8b82rTEAcK0WzgEXoJ0bW9ze13qvSSnI9oFnPghdCAopPGuaAMg==

GET
H2 200 b-7b120a5-e6d21384.js Show response
tagan.adlightning.com/townnews/ Frame 9419 73 KB
28 KB 9ms
8ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 05:53:24 GMT
content-encoding: gzip
age: 5886719
x-cache: Hit from cloudfront
content-length: 28181
x-amz-meta-git_commit: 7b120a5
last-modified: Tue, 03 Aug 2021 18:05:42 GMT
server: AmazonS3
etag: "1bd25d5a0b3f617a7b96bfd3148d7cb9"
x-amz-version-id: TCazak92uXLsB7S2fwnGUUKnJeDNkgd8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 17B0FVc9pFnYbVl8tpNeSh_SsMfj_45tAFB99cvKp_kgRQX2PaCL5Q==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9419 79 KB
27 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400d415e25e3c2b6d990376f5b1b73e91a4ada0f82098f11b71b644773528907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1038 / 712 of 1000 / last-modified: 1636412720"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27059
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 09:05:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9419 121 KB
37 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 09:05:22 GMT

GET
H2 200 11815 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 0
279 B 387ms
386ms Script
binary/octet-stream 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/11815?t=202110991
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: W3tPBCv.MskbEoSmznt7CPYBAC4Mywjt
last-modified: Sat, 09 Oct 2021 06:01:00 GMT
server: AmazonS3
x-amz-request-id: VBCP639DWAXQD5P2
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: binary/octet-stream
date: Tue, 09 Nov 2021 09:05:22 GMT
accept-ranges: bytes
content-length: 0
x-amz-id-2: JZi6hnhJ8CG8S3NUs5SJLZ61BylERRqjjguruMoPvr7PLszORpXjWhp3KHd13ErLDIMc28PwoVg=

GET
H2 200 / Show response
s.tradingview.com/embed-widget/market-overview/ Frame C454 20 KB
8 KB 48ms
8ms Document
text/html 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/embed-widget/market-overview/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-market-overview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

66285ad214dc3ff02d492dfa93a49b59b8c22de916b23566a94289b2dea89244

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-eval' blob: https://.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://.doubleclick.net/ https://.googleadservices.com/ https://adservice.google.com/ https://.googlesyndication.com/ https://.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://.paypal.com/ https://platform.twitter.com 'nonce-jIHKws2r57UiQdGnaDrRug=='; report-uri /csp-report/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

content-type: text/html; charset=utf-8
date: Tue, 09 Nov 2021 09:03:45 GMT
expires: Tue, 09 Nov 2021 09:05:45 GMT
cache-control: max-age=120
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src 'self' 'unsafe-eval' blob: https://*.tradingview.com/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/gtag/ https://*.doubleclick.net/ https://*.googleadservices.com/ https://adservice.google.com/ https://*.googlesyndication.com/ https://*.ampproject.org/ https://accounts.google.com/ https://pay.google.com/ https://*.paypal.com/ https://platform.twitter.com 'nonce-jIHKws2r57UiQdGnaDrRug=='; report-uri /csp-report/
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: tv
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,Cookie
x-cache: Hit from cloudfront
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: TM8BuzkAL85LWZ_iIV0DGcInPIb3lOoH8-5HqQYHBZy5ZAPthXtxdA==
age: 97

GET
H2 200 bl-f821a95-d0fa73f5.js Show response
tagan.adlightning.com/townnews/ Frame C8D4 51 KB
22 KB 8ms
7ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-f821a95-d0fa73f5.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92e4cd8f6651f2914c5ef95e02ebf636c63353bc3fd932f412b4661c71e7517c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:18 GMT
content-encoding: gzip
age: 125
x-cache: Hit from cloudfront
content-length: 22132
x-amz-meta-git_commit: f821a95
last-modified: Tue, 09 Nov 2021 08:05:25 GMT
server: AmazonS3
etag: "a5fdb3b91a2fedfa68147328f2eb48d4"
x-amz-version-id: ffb0KDr03ymuhahCcYB_0hrJDjRjGqij
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: h2s2Vo9ZymdIYDl9cyoBRN75kg7BfD1mrU44XY6QlkmTRwiVCrCOFQ==

GET
H2 200 b-7b120a5-e6d21384.js Show response
tagan.adlightning.com/townnews/ Frame C8D4 73 KB
28 KB 8ms
7ms Script
application/javascript 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 05:53:24 GMT
content-encoding: gzip
age: 5886719
x-cache: Hit from cloudfront
content-length: 28181
x-amz-meta-git_commit: 7b120a5
last-modified: Tue, 03 Aug 2021 18:05:42 GMT
server: AmazonS3
etag: "1bd25d5a0b3f617a7b96bfd3148d7cb9"
x-amz-version-id: TCazak92uXLsB7S2fwnGUUKnJeDNkgd8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: RauY0n9oQinxus-MZujesvoukFuvFmyexbR-IbYVbljpx4ez6cMl9A==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C8D4 79 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400d415e25e3c2b6d990376f5b1b73e91a4ada0f82098f11b71b644773528907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1038 / 891 of 1000 / last-modified: 1636412720"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27059
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 09:05:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8D4 121 KB
37 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 09:05:22 GMT

GET
H/1.1 200
OK 187621-164323601241456.js Show response
js-sec.indexww.com/ht/p/ Frame 3E06 39 KB
13 KB 32ms
9ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Nov 2021 08:35:33 GMT
Server: Apache
ETag: "905ad8-9a4f-5d056fe2df451"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2106
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 13270
Expires: Tue, 09 Nov 2021 09:40:28 GMT

GET
H/1.1 200
OK data_read.php Show response
embed.sendtonews.com/player4/ Frame 3E06 32 KB
7 KB 429ms
125ms XHR
text/html 50.17.208.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=22Zx-fvNwpFFs8y5&instance=062640&version=65.21.7&age=211109&ESG_key=5b3IdoCM&type=barker&EXTREF=https://www.ivpressonline.com/&REF=https://www.ivpressonline.com/&ogSet=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.208.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-208-58.compute-1.amazonaws.com
Software: Apache /
Resource Hash: b3a231bc368c20f4d29b1e6428d691c29f75988863edb8b020b76df83f55695f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 6191
Expires: Tue, 09 Nov 2021 09:05:23 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3E06 368 KB
123 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125099
x-xss-protection: 0
expires: Tue, 09 Nov 2021 09:05:22 GMT

GET
H2 200 video.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame 3E06 524 KB
122 KB 33ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 350885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 123688
timing-allow-origin: *
last-modified: Tue, 26 Jan 2021 19:48:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6010721a-8304e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BdQPuBLdmIuVIw%2BZUCDuwMHci4U7noQp0DBLzCUcTCcFi%2BmukmAwig2HEPO8ZPg79O4RYBu1N4mqxtsAw6D1XQnTAH1xJ6vxQOPXhDT4N0CY4UzuQp49Bmz9NBVqJaW9JaaoFCm%2BduDSMCxvm95sY7%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab5e102bfe542c9-FRA
expires: Sun, 30 Oct 2022 09:05:22 GMT

GET
H2 200 iscroll.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/ Frame 3E06 32 KB
8 KB 40ms
22ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/iscroll.min.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3505699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7559
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9e-80dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWZiZ9feSCN3NumKZN5soI1A4pgNNjY0gL2caqgaXllamqiIXvXGtIVKrHieIiXhhCfAdIHgR%2BdyyIas%2FTjIqtNewx5NCg15Pb8m60mcwevkD%2FjqUIODW8ABWLYW%2FHsh9sMHCMpLdfBmeRL4m3gm5TGf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab5e102bfe642c9-FRA
expires: Sun, 30 Oct 2022 09:05:22 GMT

GET
H2 200 comScore.gt.min.js Show response
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 3E06 335 KB
59 KB 39ms
9ms Script
application/javascript 13.224.186.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:01:40 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 23:25:25 GMT
server: AmazonS3
age: 21840
etag: W/"4a51b8991a6b67323936c2eb62e3518e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: updgpRpcviT-utQewIsGVql0HsdfDcJXjgjWcBu97KYimWWP7sOLnA==

GET
H2 200 prebid.js Show response
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/ Frame 3E06 230 KB
73 KB 48ms
18ms Script
application/javascript 13.224.186.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7adc0e82d10de0c5af74d068b95973ff1528ff242d6e35390d3d5ef718291471

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:12:17 GMT
content-encoding: gzip
last-modified: Tue, 27 Oct 2020 16:52:33 GMT
server: AmazonS3
age: 60794
etag: W/"0d9ef44ff3701f373f18205e7e1bc16a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: hx2A0D9aLMPVpzzv5onCQsjI9Nbru7-DZ_eRR3WIs2jZRlIlAjKe6A==

GET
H2 200 css
fonts.googleapis.com/ Frame 3E06 5 KB
757 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c347d58c696d6e371b92485f7705ffe574ed5eff3758f6fd919e6241caf19f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 09:00:00 GMT
server: ESF
date: Tue, 09 Nov 2021 09:05:22 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 09 Nov 2021 09:05:22 GMT

GET
H2 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame 3E06 39 KB
9 KB 38ms
21ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video-js.min.css

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da3370ea81bf9fec16d0edc044663f919e8662c07c1d9e1e346c139f3e3aa0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 978350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9062
timing-allow-origin: *
last-modified: Tue, 26 Jan 2021 19:48:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6010721a-9c87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DhuwxmCES98OcE1Agv%2BTe6kfbrZIqjLXzP8PrGOBlSTMMVrYAaLxSIcO%2Ftc659ptvPVCjOanhSDBo7dNzUZEGQA%2BML2y8SEvcALdhBrcvjVYKlUCFgwXMdl7o%2ByeKpjf1XU%2B3QF9gIxsuTdQJxrU1wT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab5e102bfe042c9-FRA
expires: Sun, 30 Oct 2022 09:05:22 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 3E06 26 B
187 B 329ms
102ms Image
image/gif 100.25.5.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=22Zx-fvNwpFFs8y5&instance=062640&version=65.21.7&age=211109&cmd=PRE_INIT&key=5b3IdoCM&order=1&EXTREF=https://www.ivpressonline.com/&REF=https://www.ivpressonline.com/&canonical=https://www.ivpressonline.com/
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.5.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-5-11.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 1709 44 KB
44 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://yumasun.friends2follow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 42805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 21:11:57 GMT

GET
H2 200 social.woff2
yumasun.friends2follow.com/sites/all/modules/friends2follow/font/ Frame 1709 5 KB
5 KB 103ms
103ms Font
text/plain 52.3.82.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://yumasun.friends2follow.com/sites/all/modules/friends2follow/font/social.woff2?49894406

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20210819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.82.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-82-27.compute-1.amazonaws.com

Software

Apache /

Resource Hash

3ebd026647714647aaa1e9ce958a12670dee2ff940ac4b334d2d718f780400bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20210819
Origin: https://yumasun.friends2follow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Tue, 09 Nov 2021 09:05:22 GMT
via: 1.1 varnish
x-content-type-options: nosniff
last-modified: Fri, 14 Feb 2020 20:14:31 GMT
server: Apache
age: 0
x-varnish: 246350564
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes, bytes
content-length: 5316
expires: Tue, 23 Nov 2021 09:05:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BCCA 0
0 41ms
41ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsTjPBboBMDvYyfOJQMtkCX9CIN9Wk-lUMCFm70l_C0epJQOEci8bW7PbklItuy5gD5XmXfuwjd7xcED2-9cRRsfu2ecN35qzcFavs5yPeP0z1csLvkpZ_kw6Hfz_pM1ZIaIU6yED0G0Q-isPo3SJtH4-F7Uz9m_8p3J4ZuUDLYlhmntMGpRQ9RuDIIk3yHskwehXqaiI1I9osZnNILxBIoQAeCESLjNDz48wLPoYFUC50oIwwOTGgrB-WTElNbkN-hp5uHpyxNrCz6-mTjm456Y0yF2R1sSDPmGG5X6_lg1b7_myzvNKu_zrOgUqISBXz98x9i5cwJNDBCcMP&sai=AMfl-YSpfOKhf3RT0vzLDTlq2UpSPJSoRLegCIOR6e8zWNl3FhJCpUnh498W91LixcKI9FpFfwY3keaMwPnamoD11IP0XWjdMiAHzu_lGsxw-Cze8tHn5oXHv7KNuKZBM-3_&sig=Cg0ArKJSzLUXLo5DMi9SEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 09 Nov 2021 09:05:22 GMT

GET
DATA 200
OK truncated
/ Frame BCCA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9790cbfab8e909c15135881c2632cc82cc2f4acdbb629263f3327d7144a3b479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BCCA 0
0 42ms
42ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFIdzMQDxRsv0ZSPwbXdPpC_kZRiJ7oHkYVUr5SbU0RO6Nm3k7jr2v3Ifz2dC-Xs7tf4h7N5-g8aNs3JVpQuIr3FkxivnC-DBlYy3WxeOVddB3IleE-6l-egiW7xkaHLxeg6AFah7p3ISGwUHwSwNU27_DWmcW5yGIQxNBZyMq_xdftHmbApTwmYYB80yppMSs1Gn84FmxOnNku7vGT10fGGhukzcJPxycHoRhqfqxUfo2dzdv-lddenL10r6KR968NDKPpUnvwzqwFma8tFXts5VUwz9N9HSWuzDZEDPfceOZYS5z8Dlbarc3o-uk9R-PNmtCiKfwZvgMIEaiZXM&sai=AMfl-YRsXDmISmBUjcRcUPvSG79i14BFjplUq__de9ELjCfPGaoIixbyTm6fdAe7UGRoHNQtTYVUvObxnpMbfXTcxeObu3CgitN3kLa8bcqf5ap9WK-bZmdzNhaqfDl5QBfb&sig=Cg0ArKJSzMKTyoDl4krTEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 09 Nov 2021 09:05:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 64D8 129 KB
44 KB 26ms
24ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5T8HXK8

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

810ec545d51dad0b1ce64ca043bf3ac3c7cd3f72ae6f9cefdf3d4bd4f79c5021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44684
x-xss-protection: 0
expires: Tue, 09 Nov 2021 09:05:22 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ Frame 64D8 58 KB
11 KB 39ms
20ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Requested by

Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ivpressonline.com/
Origin: https://www.ivpressonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 313255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10491
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKD%2FdVnd81Rb8t0qhEp8cr%2FmixvD%2BahhaiKsA3cr%2FkgwtDNRPU4mu%2BwcPDerjlCl0z01Jyg4GcJuN%2B6laT8eulboim0u0tF1sRZralNJhDDY6Pjdavfog6HKWy6dj7mSfmqBOiDQXOUrNgVvjNYNUZOa"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab5e10609762b16-FRA
expires: Sun, 30 Oct 2022 09:05:22 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 64D8 30 KB
7 KB 48ms
19ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 2822722
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1b00e9671224b437bf3914cf33baf521
cf-ray: 6ab5e1061d7f0601-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 slick.css
cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/ Frame 64D8 2 KB
1 KB 41ms
13ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/slick.css

Requested by

Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1253911
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19154-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ab5e1061c26696f-FRA

GET
H2 200 slick-theme.css
cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/ Frame 64D8 3 KB
976 B 44ms
15ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/slick-theme.css

Requested by

Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1253911
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19155-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ab5e1061c29696f-FRA

GET
H2 200 galleria.classic.min.css
cdnjs.cloudflare.com/ajax/libs/galleria/1.6.1/themes/classic/ Frame 64D8 4 KB
1 KB 19ms
16ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/galleria/1.6.1/themes/classic/galleria.classic.min.css

Requested by

Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1518d6b3f4564b45fbfd24f6a4e4099535c383de532dbdcb26606f0aa565ba00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7513097
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 798
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e6c-113b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lx%2B5dLjlL85wdF6Ml2a09CBsD3Ss3VHjk7RWHivER1HuNrkDm%2F9JAQpNB7zAC6QqOWCqVdlK553XCVY2bZsXn%2Biy2LAc6CgQP%2FoHAAWhiTVVezr1MvsCWGl%2FHyDRC6nnBHKcxZidWQaJbPu8WnsQLzkk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab5e105e83c42c9-FRA
expires: Sun, 30 Oct 2022 09:05:22 GMT

GET
H2 200 evvnt_discovery_plugin.css
discovery.evvnt.com/prd/current/ Frame 64D8 119 KB
120 KB 23ms
20ms Stylesheet
text/css 2600:9000:20eb:9000:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin.css
Requested by: Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc7b85cfa9aabe6b00ca32b83db57d2d4fe47ac72811875182b929e48b1532cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 01:08:37 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Thu, 04 Nov 2021 18:59:05 GMT
server: AmazonS3
age: 28712
etag: "f5f0e2d13de0e1733c04d8ec22439511"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 121931
x-amz-cf-id: 2MF3dn-3oN-7vBNCbABcZCrNJeq3v7ufbn8gq2WsW8Vl1G4Bp99Pkg==

GET
H2 200 algoliasearch.min.js Show response
cdn.jsdelivr.net/algoliasearch/3/ Frame 64D8 68 KB
19 KB 46ms
18ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/algoliasearch/3/algoliasearch.min.js

Requested by

Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4329ee5a90afd8ee0de17df581b8ababe5591352f8f0001e6e4698a74d6e5ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1253906
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19166-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"110a8-F5a5b5P9g0Kl193YFl3jb+Ewjig"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ab5e1061c2a696f-FRA

GET
H2 200 algoliasearch.helper.min.js Show response
cdn.jsdelivr.net/algoliasearch.helper/2/ Frame 64D8 125 KB
33 KB 51ms
23ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/algoliasearch.helper/2/algoliasearch.helper.min.js

Requested by

Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45a44547bc03bf28eef08b155e355f497ca18ee852614d0dc602b91e20c64512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 912
x-jsd-version: 2.28.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19121-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1f4ce-yhw0k44Hf5WfhCJOdgej62yDo+U"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ab5e1061c2b696f-FRA

GET
H2 200 respond.min.js Show response
discovery.evvnt.com/prd/current/ Frame 64D8 4 KB
5 KB 22ms
20ms Script
application/javascript 2600:9000:20eb:9000:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/current/respond.min.js
Requested by: Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c23ef9aa4603538d4710afa4e29284a60ad8956a8b8ab76236def69c97c31a7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:19:46 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Thu, 04 Nov 2021 18:59:05 GMT
server: AmazonS3
age: 13794
etag: "a2684e9b8fa50d6d11c56a9ada068528"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4592
x-amz-cf-id: wxydJv8dpmXAzB32o7S55qlw65wA-KFtXpUxVIMC9rqznCU3AJw7dA==

GET
H2 200 evvnt_discovery_plugin_s.js Show response
discovery.evvnt.com/prd/current/ Frame 64D8 515 KB
515 KB 9ms
7ms Script
application/javascript 2600:9000:20eb:9000:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js
Requested by: Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35723694d7d1f70e33125469a3b45d97364d5f253f41d730cd2e598ef79da70d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 02:26:53 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Thu, 04 Nov 2021 18:59:05 GMT
server: AmazonS3
age: 23909
etag: "361dfe48faf32bcab68638fce40d0885"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 526870
x-amz-cf-id: w1noV0XbSCCqcwWHhDNkNuESDqcndL1SWQlnzzICTLsE_2kuVedVhQ==

GET
H2 200 autocomplete.min.js Show response
cdn.jsdelivr.net/autocomplete.js/0/ Frame 64D8 56 KB
19 KB 43ms
16ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/autocomplete.js/0/autocomplete.min.js

Requested by

Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a3d06d1b1f501f2093b356eda8275778f948abbf611429866909e5589f12b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1078
x-jsd-version: 0.38.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19160-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"e0c6-Wydlv9X9np2D1152CwAVK3YT6Zc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ab5e1061c2d696f-FRA

GET
H2 200 aes.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ Frame 64D8 13 KB
4 KB 22ms
21ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js

Requested by

Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 351799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4256
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-3430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC6Nth2nKH8K3KJX18nreJjFRaEkzkm1IRR9KCAkMTot4vws4jFpcYtWZhKwIdyL1EdC71vmQLyYhv5MAmkAI4aluwTtXuPif4Rc7p6hNm%2BBwQS3%2BxNzbIoK5u1PbXhxDUOhhSJ4AUxTGzXS7iFUAwnn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab5e105e83f42c9-FRA
expires: Sun, 30 Oct 2022 09:05:22 GMT

GET
H2 200 spinner.gif
discovery.evvnt.com/prd/current/ Frame 64D8 3 KB
3 KB 21ms
20ms Image
image/gif 2600:9000:20eb:9000:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discovery.evvnt.com/prd/current/spinner.gif
Requested by: Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9333d900e7e2187b8df9db60653d79a67670d7456a2ebde2af3ac6c1849a50a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 02:53:39 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Thu, 04 Nov 2021 18:59:05 GMT
server: AmazonS3
age: 24086
etag: "827579418923b7362a4a947475ca22fe"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3111
x-amz-cf-id: nYdyeo0PSQdJzZfBhtIIKGWy4ra8SFQMAjAj6wqaPgtknLk8NnVIMA==

GET
H2 200 tracker.js Show response
www.ivpressonline.com/shared-content/art/stats/common/ Frame 8A7A 9 KB
3 KB 86ms
83ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivpressonline.com/shared-content/art/stats/common/tracker.js
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/app/pressreader.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/app/pressreader.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:02:11 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 19:09:11 GMT
age: 191
etag: W/"60b928d7-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 getimage.aspx
cdn-img.pressreader.com/pressdisplay/docserver/ Frame 8A7A 50 KB
50 KB 9ms
6ms Image
image/jpeg 2.16.186.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-img.pressreader.com/pressdisplay/docserver/getimage.aspx?file=9gmu2021110800000000001001&page=1&scale=30&ver=3
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/app/pressreader.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-232.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: f7c6374ee30be6b88d8369853f1d03b6f0f450f59b09c2dc515fb0985d356694

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:22 GMT
last-modified: Mon, 08 Nov 2021 13:17:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
ws: 7
content-type: image/jpeg
cache-control: public, no-transform, max-age=2520719
wc: d5
content-length: 51200
expires: Wed, 08 Dec 2021 13:17:21 GMT

GET
H2 200 friends2follow_socialstack_on_init.min.js Show response
yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1709 87 KB
25 KB 103ms
103ms XHR
application/javascript 52.3.82.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack_on_init.min.js

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.82.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-82-27.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2ef6098b152764c985338092267e7207676c7040d8f12187c4a9b419f1d41e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Tue, 09 Nov 2021 09:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2017 17:48:57 GMT
server: Apache
age: 505
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=1209600
x-varnish: 246350573 246337434
accept-ranges: bytes
content-length: 25376
expires: Tue, 23 Nov 2021 08:56:57 GMT

GET
H2 200 1f525.png
twemoji.maxcdn.com/36x36/ Frame 1709 567 B
981 B 198ms
6ms Image
image/png 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/1f525.png
Requested by: Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a32f96169d003505748a3889087e883ff705f856ccc8daa0ddf02b9a8deeabbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-fastly-request-id: 94f2e5cbb0c932a42ca8c480205083865b3ca509
date: Tue, 09 Nov 2021 09:05:23 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 567
last-modified: Tue, 01 Jun 2021 07:52:48 GMT
server: NetDNA-cache/2.2
x-github-request-id: 9DE4:2370:DBFAB:E3DAB:61819BE1
etag: "60b5e750-237"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Thu, 09 Dec 2021 09:05:23 GMT

GET
H2 200 1f4b2.png
twemoji.maxcdn.com/36x36/ Frame 1709 360 B
776 B 199ms
6ms Image
image/png 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/1f4b2.png
Requested by: Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 318d11a9d586ea98606797e830c421c3c995fce634456cc8ceb07017526762c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-fastly-request-id: 4832c00a968339c94bd037dbdeabcd7aff001069
date: Tue, 09 Nov 2021 09:05:23 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 360
last-modified: Tue, 01 Jun 2021 07:52:48 GMT
server: NetDNA-cache/2.2
x-github-request-id: 9328:8CEE:A3007A:A717D7:6182F662
etag: "60b5e750-168"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Thu, 09 Dec 2021 09:05:23 GMT

GET
H2 200 23f0.png
twemoji.maxcdn.com/36x36/ Frame 1709 616 B
1 KB 199ms
7ms Image
image/png 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/23f0.png
Requested by: Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: d4af9c39984dc2f8903ce991779325742d0c8e8cd10af0f33f9c0d7965464ed8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-fastly-request-id: 98619ea23e0ee9a93d9d1e67a99c21cea1f879f7
date: Tue, 09 Nov 2021 09:05:23 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 616
last-modified: Tue, 01 Jun 2021 07:52:48 GMT
server: NetDNA-cache/2.2
x-github-request-id: A2F2:2371:A746D0:AB7E01:6182FF7D
etag: "60b5e750-268"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Thu, 09 Dec 2021 09:05:23 GMT

GET
H2 200 1f4c6.png
twemoji.maxcdn.com/36x36/ Frame 1709 498 B
914 B 199ms
7ms Image
image/png 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/1f4c6.png
Requested by: Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f8e0171de29a3d701fb31457f09c5d5b8e703e94d5d654399554b8b67efee07d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-fastly-request-id: 524fb641c878e1275134e6eb4f813429738ee1cb
date: Tue, 09 Nov 2021 09:05:23 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 498
last-modified: Tue, 01 Jun 2021 07:52:48 GMT
server: NetDNA-cache/2.2
x-github-request-id: 205E:4F20:CC0707:D1E0ED:6183A95E
etag: "60b5e750-1f2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Thu, 09 Dec 2021 09:05:23 GMT

GET
H2 200 1f499.png
twemoji.maxcdn.com/36x36/ Frame 1709 316 B
732 B 200ms
7ms Image
image/png 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/1f499.png
Requested by: Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4ba3590e83d4ea197a7aa2e905f25ab081f363477ab25aaf969907a424109224

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-fastly-request-id: a3b0fa1d5fe1a36d995f1fb65725ac95b8c41d18
date: Tue, 09 Nov 2021 09:05:23 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 316
last-modified: Tue, 01 Jun 2021 07:52:48 GMT
server: NetDNA-cache/2.2
x-github-request-id: 867C:5FC9:24C006:2597B2:6181ADBC
etag: "60b5e750-13c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Thu, 09 Dec 2021 09:05:23 GMT

GET
H2 200 1f3e0.png
twemoji.maxcdn.com/36x36/ Frame 1709 267 B
683 B 200ms
8ms Image
image/png 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/1f3e0.png
Requested by: Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a39eda347686aafa3e647b50b8bf348c3719167d31a7ed87bda251ee5a6685f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-fastly-request-id: 0b9799195d5ccab8578e6e8324303f85c5ef13e2
date: Tue, 09 Nov 2021 09:05:23 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 267
last-modified: Tue, 01 Jun 2021 07:52:48 GMT
server: NetDNA-cache/2.2
x-github-request-id: B20C:5FC9:33730F:34DB26:6181E4BE
etag: "60b5e750-10b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Thu, 09 Dec 2021 09:05:23 GMT

GET
H2 200 1f342.png
twemoji.maxcdn.com/36x36/ Frame 1709 764 B
1 KB 8ms
6ms Image
image/png 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/1f342.png
Requested by: Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 85ced8d3e004479b8f2fe0768cc517406f1d9326e4413702d2d1249916d3115b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-fastly-request-id: db08e06a1f822ac60ac748459519dd6c58b1e98b
date: Tue, 09 Nov 2021 09:05:23 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 764
last-modified: Tue, 01 Jun 2021 07:52:48 GMT
server: NetDNA-cache/2.2
x-github-request-id: 5FB2:8BC9:136169:1421D8:6181C00D
etag: "60b5e750-2fc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Thu, 09 Dec 2021 09:05:23 GMT

GET
H2 200 1f3e1.png
twemoji.maxcdn.com/36x36/ Frame 1709 453 B
869 B 8ms
7ms Image
image/png 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/1f3e1.png
Requested by: Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1e505a5909b472ad9ed594bdb44af9ad3d562ebfb2df5a9cb1b8dd4cec97991a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-fastly-request-id: 20ac7aa67c8938586634281e16eef1374b90bf58
date: Tue, 09 Nov 2021 09:05:23 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 453
last-modified: Tue, 01 Jun 2021 07:52:48 GMT
server: NetDNA-cache/2.2
x-github-request-id: 5C7C:87A2:10A82F:1146C6:6181AE6E
etag: "60b5e750-1c5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Thu, 09 Dec 2021 09:05:23 GMT

GET
H2 200 f2fi.php
tracking.friends2follow.com/ Frame 1709 43 B
269 B 108ms
108ms Image
image/gif 52.3.82.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.friends2follow.com/f2fi.php?domain=yumasun.friends2follow.com&wi=172&it=185/12178/185355,189/13298/185330,189/13298/185329,189/13298/185324,189/13298/185312,189/13298/185282,185/12178/185265,189/13298/185249,189/13298/185237,189/13298/185221,189/13298/185211,189/13298/185188&ti=1636448672&ha=36faf8a17ef6b5d9f3807d5a59f11801&fi=dd713e9c3883fb189047b5ad5fe87b80

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.82.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-82-27.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Tue, 09 Nov 2021 09:05:23 GMT
via: 1.1 varnish
x-content-type-options: nosniff
server: Apache
age: 0
content-type: image/gif
cache-control: must-revalidate
x-varnish: 413501733
accept-ranges: bytes
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D21D 0
0 42ms
42ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8sDFOsSUWXzwcP3pkCqBtJuulF3RmR3hkkDDOJiIpZbCJcnpUojm63s7T2psClgrUVjWFrCLS8fcdpaE6TuZW-ERkiL5hD9nUAJcCCHm3w4DeiqGOMb9j4uoxaJSJDTkrGA_gChz1fUxUguot_204dvzlTEg03uPoP-2xYFIcl2AquEvzSClghyh6hfbAWlfieZAxSRoUSSD7kAiGxZiyTX7eQ5S9ROq2UvH4v_K7peCn8b6ugFzSPQxz4EZIVgO3G-wr4xAaJ3XwuyA8R5-362Xcyr9f_p4lRw13Uy-5fngRoSYGTR9dITbpdd7cIdRiHPAxKT8QqVYxeLKz&sai=AMfl-YRG5IVtj-RpNyI1IeB7mbCa2StKaKTRPmcYMsyi42eIquoSts438e_nIClQhXT6pRV_zcgUBhAKP8msfjIEJrzq6nhEcfb3uDTLA7JuZryeEg8LzQjxgzs78GDo9PZJ&sig=Cg0ArKJSzD7fgePWveLAEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D21D 0
0 42ms
41ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8bnheJ1R9eGzwLAfdQ8D--fINrZtV4Phd4xWyZE_D4usnMOef8O1invqrkK3GQSw_ZxSfwXLf7te5wU3LHD7sn6n8OEZXLA5bailkfOkPMBfPFs16O3Qkdht6cCe7oKq-cuA12aqv8KTgSjdXdYLs_h9b_I-VcZ2f2HcooSxMmzQZHEKW3E908TBHdzL6AWISHnK6eWyJVDDiwGNViijt4-gdqq3ElT-i2f1jCjn0HtC1oVPrfjuft4KXeREbB-9kackacu3KOEGLqDoVdbgBeq2n4n3PVRYtnoN30T7hUb4U_UD5x368JiIUmRvzHpqM7W6HjKIW5rK-T21RmM8&sai=AMfl-YQbixAUbHeuyzxJdE1w8I8_sVottJF1imzwZVI57WdyDuy0saV86JXL7b5XMeYWRtptgn1N8XxGytvBEtX0gcL-Fg6NWrWivnl45jhLk22YcfKjpZhyf8mAqTAMiqVa&sig=Cg0ArKJSzGGXQXvYJbwdEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 09 Nov 2021 09:05:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2611 0
0 42ms
41ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2xs4lu3kRzTb8FNKoCPIjXLFB3CzQdFGa_Czx2mAtI_octrU7ZZPm_TVI34c6gTP3jQQkTeb5coX7C4slXYMDIFoWN-NI_bEgmEKWHIa_nI0b2NrhjfoenekDulsXHW3fvssZqt7bPlqqOZuDMHB-VxmW8vhPxkTvLq4PK7FQdgIJNs9Gmo0CLFE3p436J6sIsj3PCUMuDcSvXIt9KvnL5OZc17GJuXgSbub9z9-nRTryD0S3OSo1PgywSiUBs1hoYk4Wabth0Zb6tdN5VcafiwnvAMUbhPKiPEpw2HYMyq4Ns2zqLNRmRK_GHXbpQxPzw2UxpzS9Jr1jM1pL1y1EJg&sai=AMfl-YQLt6F-5JysmTYS5NbgfD9fyj3DjRKRYdjxyVDvPRqfrIqFt49sB3YHfC4iKv3MDhNGKQ-l2qUJH-KVGvSTDIsTvGx73_CuyH9nCWYcGv5oyYI76QtB8yWnImFgN6XN&sig=Cg0ArKJSzE_QM0RKMledEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2611 346 KB
116 KB 15ms
14ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 09:05:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 13A4 0
0 42ms
42ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTUBSbcTxpFhF56WbFa_oZhwXO83FVaFAhSmhs0tMLZ9ZqIKzupe6ebEVY9-MAg37EgfJ2xybDZLVdUy175sWhy0QEMjpjhUryoXEiMLCaVIuIkydDeXG_tpUExTbTs9ck-oc_ouFH32YuBajNwQi2VX_n1_pItFpnjOlixrPka_8b61nyFOrwrPXj_9AZ6AKHz2p1US_-le5Cy7_kIUTIS9SIYHCFeCH6GojzRae0k2yy9cCHtOKUkeEPDZNzinb-OaLZSTzx_63ynh8auFdGbikCgjLX2Z5FbsOi4oaCu60lkXDifQqqttLWCYFig0zKNSolsEaPsGHJDVRz&sai=AMfl-YRXGKVwPWgVDOcnITRAicQ78WaKqoPWefDlgbIlwCZM2KdIJjuNPvmdje-ssF6k7gFgKaxgLVrGCaWSwzuOhWbFGeKKPrb72AV6tHvIeW6roVJgOWoQumGf0OHYaXkd&sig=Cg0ArKJSzLB_D9CjoUKeEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 13A4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcc3cd46f745cbdbf1e4f3da81126213863e8779f4736142c1c424fbf455945f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 13A4 0
0 42ms
42ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoS7H7FOeGst6zSHk1gu05BpA7Sq7-fXClOi9TISI6xwv6onU27xaYT82CH9-62FqrQSudESy0ucuMSlJsBNx4_Pq6HRrwQ_J307l_h5PXuHH4Q3RqqE6zeHLV9XvHj3m23bE4BKZzZlrpqebBGM7Rrp8tOjsoobeCLkqgI1P-FZKbu4ti-dFEFalMOQfzw10f2xVo6d0NQmZgfEVTQkFeFPHM-r5YAXJEtDRpaSTCH8g26-cGMtTBoIxq1Syz-G1oLZyyOq_26t0YIab95ZtCt-DOykb0FkQ2niqTp6knHKvMa66gwO5ze0OyL2RTMoNQAtrybg4QET8cKNcKxMs&sai=AMfl-YQc_fRC4TuUbIA-12b8r8ySAnN-s4rJ9NxCe29YxBiTHSuPH4g1xHyC26fZ1LmniVDGdzl5rr1gqVvnjNCT_9GiyVgKD3VJk-SptYUCxqnWUaLohi1sn8TnPdlaQaFQ&sig=Cg0ArKJSzH75M5LjfdgKEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 09 Nov 2021 09:05:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D243 0
0 42ms
42ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYL-Nh5JTGMA4Ar1SwIUQvyi2msFYB-ozuZ8nDiARX_KsavpZIZY_FGdCaWkRi_Pjk4pVqYuGll1Bp4lDCq4C9Xb37Po-uYOgY1ejHDNvgXHgA4u7OKXv6-YeBsN1fSbFDLnwt4s4SoYm1djFUicyrWT2EQDlyBp_q5dardGni_QSlc_mURs7elf7mlj08r_Og-chGe-8UMfzMzMm9TzFfrRtcftnFoRQPSaJm-nyC5fMHBmApA4BxA0_aj5uStmzWedW-e4jbvSoYB17KPryXRTgdbqwgyjj3O43jgJ__WMRpOlGF7pXKiJUrPLwaeReXAehi5gXNrGrPBI5HLRcebA&sai=AMfl-YRH6Ma0DIZ24G5SblZetinNH3qnRmQ4G-prbHKgdxH0_v1X2QbhJs-0Zhxa3moI5H_lyIhwq3ErpL-5H5916So3wdx54iuIr4R48NFuxH4CehMy25a7TiTa7ath_luX&sig=Cg0ArKJSzIKPUFvhNT_0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D243 346 KB
116 KB 18ms
18ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 09:05:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9419 0
0 41ms
41ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsJ3he5v0U7ZEhZGyiaBpQ_XXQern-JXMs9aeDW-JCsLQb73VJbtYqZYmURscfbLta5eN0gearGpGjQTV2i_HnVU6dGwI0_OAn0PwBz3Omffyq3y3ptzcmRm9wkaHDfukoBbM6UdpC3yv6MGaaT2257knXny34dXA2d4XvQM8Kk0BcdAALtd2BhGaEZtkIu46Egq_IAvbA1JmCvYYw8KSKGtEoL8g_VQi7SLANkW1_Oxb2bNfa9BaPf4zgs7toCVpFTuqdK-80PNjFJJg66c2WlMsHBqOlvK_ustu96IW_plIZAxtsjUF1oSxmaueNltM3jHrm6Wd17-YD27WPV33CaA&sai=AMfl-YQriUvq-sR_uJ-v0ZgQhzWHH0h4Jof4QJpaWxtcknPY0DX0t7IvwR0CW8AI-A-mBAgbExnjM41Wxb-J8sQ1Lyg7ZeAsnBV6MDIKxufok9_35BN1XcQlwcqs6pbyq9QQ&sig=Cg0ArKJSzGmiZ9w2_tyOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9419 346 KB
116 KB 42ms
41ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 09:05:24 GMT

GET
H2 200 en.b6d0da837283aa1b.js Show response
s.tradingview.com/static/localization/translations/ Frame C454 433 KB
69 KB 9ms
8ms Script
application/javascript 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/localization/translations/en.b6d0da837283aa1b.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/market-overview/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

d1652b7f1cdda02b3df9ddaf55c3bc2ded4c233a0734a053170dd224e026fbf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82758
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 08 Nov 2021 08:24:45 GMT
server: tv
etag: W/"6188decd-10e9c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: uGPVMSdYJkPUrBCG9-WK3IxhzFxipRXnkXFgGfmoH1-OVeM_ZPS0UQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.b59d080c3bb551db41c8.js Show response
s.tradingview.com/static/bundles/embed/ Frame C454 59 KB
22 KB 17ms
16ms Script
application/javascript 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/runtime.b59d080c3bb551db41c8.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/market-overview/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

ef1cc39cd5dc730ed72fababfa54b68f4b1553849bbd54ee5a1f043724534bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82759
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 08 Nov 2021 08:24:51 GMT
server: tv
etag: W/"6188ded3-5437"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: oAwM6SJPNH1on4k7J13otouiBVIYAgjk5Ngob7sZUVCMOV3iAEL62w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors_embed.32e86cc59cd44e12e10e.js Show response
s.tradingview.com/static/bundles/embed/ Frame C454 144 KB
47 KB 8ms
8ms Script
application/javascript 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/vendors_embed.32e86cc59cd44e12e10e.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/market-overview/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

6cab9f44156fa2f5bd5a49775f40ea75d5b4d917c713a341267d48cbed0b725e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 10:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2155820
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 15 Oct 2021 08:39:31 GMT
server: tv
etag: W/"61693e43-baf6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: rgpAgnZqU8G1bY2VbAPQ9WUqV64d0YaedPict1C45MBcKnQSyXwlMA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_market_overview_widget.ae564b5a3e4eedf4b678.js Show response
s.tradingview.com/static/bundles/embed/ Frame C454 569 KB
165 KB 8ms
8ms Script
application/javascript 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_market_overview_widget.ae564b5a3e4eedf4b678.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/market-overview/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

8f4ac89616fb3d9307b3c8f296a377d012e85bef2c5e3a1dd9fa7c76608717f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
Origin: https://s.tradingview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82757
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 08 Nov 2021 08:24:51 GMT
server: tv
etag: W/"6188ded3-28eea"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: BfFLMPS8Gaf82KN3TDtTjTkq7zmPjM_DXzngM96N_NCx0QOggKSnJg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css_embed_normalize.5decea81a5d9f250c172.css
s.tradingview.com/static/bundles/embed/ Frame C454 1 KB
1 KB 17ms
17ms Stylesheet
text/css 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/css_embed_normalize.5decea81a5d9f250c172.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/market-overview/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

61272354c450141b08dfb8d1bf7cb6d67e8e4236f605074ccc86c89749f7249a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 10:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10102698
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 15 Jul 2021 10:05:38 GMT
server: tv
etag: W/"60f00872-2be"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: VLh5-ju86AufwED1zq4dElynqELTaruIH17gD6ANjxiFafcgtP4bbg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed_market_overview_widget.4f5781cf6da448e46bbe.css
s.tradingview.com/static/bundles/embed/ Frame C454 67 KB
10 KB 19ms
19ms Stylesheet
text/css 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/embed_market_overview_widget.4f5781cf6da448e46bbe.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/embed-widget/market-overview/?locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

572a200079c83ed400552645301279634d74ae2f55f5cb91a6a8337e8514e7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 10:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513135
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Nov 2021 08:46:49 GMT
server: tv
etag: W/"61824c79-2629"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 0cg1CwhcRawuEIXDqeo0hk5gALJs0HxQhmr8L8uzlzxofA1lORXzug==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 64D8 3 KB
672 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://discovery.evvnt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 08:06:48 GMT
server: ESF
date: Tue, 09 Nov 2021 09:05:24 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 09 Nov 2021 09:05:24 GMT

GET
H2 403 tracker.gif
www.ivpressonline.com/shared-content/art/stats/common/ Frame 8A7A 0
48 B 83ms
83ms Image
text/plain 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ivpressonline.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vpuri=/app/pressreader.php%3Fivpid%3Drefresh&tnms_vplen=3&tnms_vt=0&tnms_vid=1636448720105160012001532151474815&tnms_pdt=Untitled%20Document&tnms_dt=Untitled%20Document&tnms_upage=1&tnms_do=www.ivpressonline.com&tnms_uri=/app/pressreader.php&tnms_ref=https%3A//www.ivpressonline.com/&rt=1636448723704
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/app/pressreader.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/app/pressreader.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:24 GMT
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 3E06 109 B
548 B 116ms
40ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 36985c6b5278b4c52916d3ec0b88582e92c3323083b2ec99c1ffbca3c93a2df3

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 09:05:24 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ivpressonline.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 09 Dec 2021 09:05:24 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ Frame 3E06 44 B
332 B 57ms
18ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 09:05:24 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ivpressonline.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ Frame 3E06 2 B
171 B 999ms
136ms XHR
application/json 52.207.5.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.ivpressonline.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.5.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-5-56.compute-1.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.ivpressonline.com
date: Tue, 09 Nov 2021 09:05:25 GMT
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
vary: Origin
content-type: application/json

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BCCA 42 B
497 B 73ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5wkhtoese4DlMaHhFfV6fIp7encmV7LD-Onz0oEUIqFOSUCOzyoIKHZiZnJMY5-C3SDVaYQj0qQfM7iP2LMDeRqEnHYYO3HGolgce32ay09cXeN29&sig=Cg0ArKJSzDRc43_ciKzXEAE&id=lidar2&mcvt=1220&p=100,577,190,1305&mtos=1220,1220,1220,1220,1220&tos=1220,0,0,0,0&v=20211108&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1696859982&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636448720997&rpt=1429&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C8D4 0
0 42ms
41ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgWJUOHUFXis-I284sbKYcsldzeXXiRykNHOlrSmeL9L5eqq-8yhuLsS7jxvxp0T2hpBWd136XF_X-BgQzoz77FF-RS2xQ2XaUI1jKZxHB2GfQJD8s3yzloFdkhgtFWKKzZTU8UfkC_Ow-2NxmcP4pKFBUTELNVompcNHO9D-sX97KnpgVtjPtG4_9pgYfcC2v-nfE-lKekkyYjwYjCi1z6xpZVXkS2IscecLqD3LMJNGlYq4hle5AWAIHCcufSR2oU8LNzjExL8TS6JDuz5n1xaILHCvrbnW6fyzDQjJgXOfFYNT1lyaJbgviyD6IyfvBokaQ_u8iCx56YMrW&sai=AMfl-YQze8Hd6JbDtMKuC7TCrHhwOBMddnCCHkGnXVfeJ-X5Gu1HI5UHGEQ92QC1re1Qs1J_O7I2dmKU36b4_trkTJsPBqrL0APZHIh85DwU-VxlLVM5MEFrx6LRTM2D0pje&sig=Cg0ArKJSzHIUxQqB6BL4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C8D4 346 KB
116 KB 18ms
18ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 09:05:24 GMT

GET
H2 200 0.js Show response
player.sendtonews.com/bidderFiles/ Frame 3E06 3 KB
1 KB 8ms
8ms Script
application/javascript 13.225.78.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/bidderFiles/0.js
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-37.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: bf1eb99c30d828154b1f083be6b4bde59bea2d9566b481462c642851991b16e3

Request headers

Referer: https://www.ivpressonline.com/
Origin: https://www.ivpressonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:54:44 GMT
content-encoding: gzip
age: 656
x-cache: Hit from cloudfront
content-length: 1032
access-control-allow-origin: *
last-modified: Fri, 10 Sep 2021 22:58:48 GMT
server: Apache
etag: "a9c-5cbac0ee11a00-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-amz-cf-id: unsUYw3kjQx-rptBu8YE9WI2NapDCjopuiilbqR9rTocPptrd_b5VQ==
expires: Tue, 09 Nov 2021 09:54:28 GMT

GET
H2 204 analytics.min.js Show response
cdn.resonate.com/analytics.js/v1/200302733/ Frame 3E06 0
169 B 53ms
17ms Script
text/plain 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 6ab5e113699f2bc6-FRA
date: Tue, 09 Nov 2021 09:05:25 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2611 107 B
165 B 317ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ivpressonline.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2611 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ivpressonline.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2611 15 KB
9 KB 389ms
388ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3989742107190364&correlator=885332769566788&output=ldjh&impl=fif&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=132916964%2Civpressonline.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=6&cookie=ID%3D855c6868de9abe31-224de51241cb0034%3AT%3D1636448721%3AS%3DALNI_MZOx3sP7gJ3ru0DrvNpnV-DfXV8VQ&cdm=www.ivpressonline.com&bc=31&abxe=1&lmt=1636448724&dt=1636448724656&dlt=1636448721529&idt=3095&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1039&adys=799&adks=3983859211&ucis=44dpgnry3qq9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=www.ivpressonline.com&loc=https%3A%2F%2Fwww.ivpressonline.com%2F&top=www.ivpressonline.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1750995675.1636448721&ga_sid=1636448725&ga_hid=727580785&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7643a35f53d1bd927e1fd7c716753117a18ce87351cc64093d016cbb21519071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9088
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ivpressonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 128E 6 KB
3 KB 29ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 09:05:25 GMT
expires: Wed, 09 Nov 2022 09:05:25 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2611 0
0 42ms
42ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYfTkcidbPxwVPMbAoSjY0lTN42cEo1DvdHW0h-OtYyskLXubiwjKLOcta0aThO5JuIg2hb-DTCr4gRBj8A9DntG1VTFx7K_uNNWc1G-ki-dUw4ldI74rCej4B-qf0BVqdwziPbHuiKKqFaM9TLAtvor0Qx4h47_bVZohIG1kpNF5tMD0JffEHZG9LwO84l2jCUcoeZ_zmtXGZdEKLO3kh9cqKfZQiV6QkduMmDVOv_HDDemFO-FJLm8zZ_n58sm-35CbsgRgdOFjBSAJ0jdFL0dbKqXM5a3G4FShnQl2kgFVBZxmL5GKHIHUxWEOqZ0_vpx0Z-q1uqLnJMbYVuw7-Ztpj&sai=AMfl-YQJBbfAfdw-oUKgzSJc09HD60O-h2gZgJK-pH_Wep_mo_gT5G95FA10ks0IwxJWbZYXzTf3nD9UR9aeAw9b6K4YbhM8Xh0aHKyBN0VMDU6oWC50Nd8r6pb1a6dSU1G2&sig=Cg0ArKJSzOLQ41lAkdGaEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 09 Nov 2021 09:05:25 GMT

GET
DATA 200
OK truncated
/ Frame 2611 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14d8649633f5088f68ebf1993c0a86ad25507d9f951f795839f3a5fde069aae9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 64D8 19 KB
20 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ivpressonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 04:48:55 GMT
x-content-type-options: nosniff
age: 447390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 04:48:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 64D8 163 KB
60 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LM5S7ZWXZV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T8HXK8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b62b287de1e0fd1feb43b086475757f655527979073fa635983296e34d7779b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61681
x-xss-protection: 0
expires: Tue, 09 Nov 2021 09:05:25 GMT

GET
H2 200 masonry.pkgd.min.js Show response
yumasun.friends2follow.com/sites/all/modules/friends2follow/js/ Frame 1709 23 KB
7 KB 104ms
103ms XHR
application/javascript 52.3.82.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://yumasun.friends2follow.com/sites/all/modules/friends2follow/js/masonry.pkgd.min.js

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.82.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-82-27.compute-1.amazonaws.com

Software

Apache /

Resource Hash

13aebf2418a90a3a408fd528fcf45f90027657e5db7cd180312135b639da37c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Tue, 09 Nov 2021 09:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2016 21:28:54 GMT
server: Apache
age: 419
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=1209600
x-varnish: 413501772 413490858
accept-ranges: bytes
content-length: 7034
expires: Tue, 23 Nov 2021 08:58:26 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9419 107 B
165 B 74ms
26ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ivpressonline.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9419 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ivpressonline.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9419 449 B
259 B 772ms
771ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=721900699798839&correlator=2578150150506070&output=ldjh&impl=fif&eid=31063135%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=132916964%2Civpressonline.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=6&cookie=ID%3D855c6868de9abe31-224de51241cb0034%3AT%3D1636448721%3AS%3DALNI_MZOx3sP7gJ3ru0DrvNpnV-DfXV8VQ&cdm=www.ivpressonline.com&bc=31&abxe=1&lmt=1636448724&dt=1636448724912&dlt=1636448721694&idt=3186&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1039&adys=5132&adks=3983859211&ucis=sbiwoorzt8q3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=www.ivpressonline.com&loc=https%3A%2F%2Fwww.ivpressonline.com%2F&top=www.ivpressonline.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1750995675.1636448721&ga_sid=1636448725&ga_hid=1173675877&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ea6542fe9043cfeaae61271ab38800733059867abfee9f23c1296059b7b4be96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ivpressonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e44dcf66a235fce449272c763b2edfc2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4017 6 KB
3 KB 41ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e44dcf66a235fce449272c763b2edfc2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 09:05:25 GMT
expires: Wed, 09 Nov 2022 09:05:25 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9419 0
0 41ms
41ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_j1rIRRMaL6JcCNHNaf45-KfHR6QJxwREkEjTdU7mXkUWLZm--OKypdODuexeYfnWu554A3cmYG21elD3B2eD17-j5kl4luKn1yJaYPPqQsecZKFfiNzlbpQ8qGOKjmU6n13WYZHnBTg3g62ms7F3ZVJ3hIszp1P6ygYduQ5oFXqlV5tPK05h1Z6XJ7FRPtIwt8dVS-qBmzibrTeqVsQJTEh3orthE3tTFTBMhnz7rIdKBgcZT3WWhLeeBI2u21FewKVyPuldhhORo_-UYsckpScCWuO5Zg3L6bEbl7bdGqUmSO6EqjrTg06jCmgAM00AfZSK4V-DxSkunCCn5hyDmFC7&sai=AMfl-YTIk_0_i46O4g4LKxhYGa3WraaJ1ZHdsZ3Nsux0Pvh9ed12EQR-dUZ9dtLex0Coy8Y-RhcleNDcowm2LG2SCHqmohBoHmmy-X1ax2oYancBEEwTln9ujaAxNzxtDNr7&sig=Cg0ArKJSzB_uLGfF1dt1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 09 Nov 2021 09:05:25 GMT

GET
DATA 200
OK truncated
/ Frame 9419 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 760220b8d9f6676deb9839eb92c83e7e4bfc9e7c119e2fb63fd6aee36933a050

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 3E06 44 KB
44 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ivpressonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 42808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 21:11:57 GMT

GET
DATA 200
OK truncated
/ Frame 3E06 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.ivpressonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 3E06 44 KB
44 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ivpressonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 42808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 21:11:57 GMT

GET
H2 200 bridge3.488.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 363A 580 KB
190 KB 315ms
14ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194718
date: Fri, 05 Nov 2021 21:20:07 GMT
expires: Sat, 05 Nov 2022 21:20:07 GMT
last-modified: Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 301518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK data_stn_l.php Show response
timber.sendtonews.com/timber/ Frame 3E06 0
253 B 766ms
240ms XHR
text/html 50.17.207.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=5b3IdoCM&ES_key=5b3IdoCM&ES_ID=31182&S_RKEY=0&USR_ID=214062640&ST_usrKey=22Zx-fvNwpFFs8y5&SM_ID=0&C_ID=12120&C_companyName=RISN&version=650210070&sC_ID=0&AC_ID=2010&TYPE=BARKER&EXTREF=https://www.ivpressonline.com/&REF=https://www.ivpressonline.com/&PLAYERWIDTH=749&PLAYERCODE=LVFNSN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.207.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-207-51.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:26 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 0
Expires: Tue, 09 Nov 2021 09:05:27 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 3E06 26 B
186 B 101ms
101ms Image
image/gif 100.25.5.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=22Zx-fvNwpFFs8y5&instance=214062640&version=65.21.7&age=211109&cmd=GET&key=5b3IdoCM&c_id=12120&seq=0&order=2&EXTREF=https://www.ivpressonline.com/&REF=https://www.ivpressonline.com/&playerCfg=BR&canonical=https://www.ivpressonline.com/
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.5.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-5-11.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:25 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H/1.1 200
OK data_stn_l.php Show response
timber.sendtonews.com/timber/ Frame 3E06 0
253 B 666ms
140ms XHR
text/html 50.17.207.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=5b3IdoCM&ES_key=5b3IdoCM&ES_ID=31182&S_RKEY=nEINZbC1wV&USR_ID=214062640&ST_usrKey=22Zx-fvNwpFFs8y5&SM_ID=1247804&C_ID=12120&C_companyName=RISN&version=650210070&sC_ID=9956&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.ivpressonline.com/&REF=https://www.ivpressonline.com/&PLAYERWIDTH=749&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.207.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-207-51.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:26 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 0
Expires: Tue, 09 Nov 2021 09:05:27 GMT

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3E06 44 KB
17 KB 122ms
19ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 09:05:25 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 3E06 26 B
186 B 101ms
101ms Image
image/gif 100.25.5.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=22Zx-fvNwpFFs8y5&instance=214062640&version=65.21.7&age=211109&cmd=RTP&key=5b3IdoCM&c_id=12120&seq=1&order=3&EXTREF=https://www.ivpressonline.com/&REF=https://www.ivpressonline.com/&playerCfg=BR&sC_ID=9956&sm_id=1247804&load=1&status=LVFNLNIY&ac_id=2008
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.5.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-5-11.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:25 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame D243 107 B
165 B 322ms
21ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ivpressonline.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D243 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ivpressonline.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D243 449 B
259 B 695ms
695ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3859272977251331&correlator=531748183678989&output=ldjh&impl=fif&eid=31060437&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=132916964%2Civpressonline.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&eri=6&cookie=ID%3D855c6868de9abe31-224de51241cb0034%3AT%3D1636448721%3AS%3DALNI_MZOx3sP7gJ3ru0DrvNpnV-DfXV8VQ&cdm=www.ivpressonline.com&bc=31&abxe=1&lmt=1636448725&dt=1636448725208&dlt=1636448721651&idt=3484&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=2&adxs=1039&adys=3248&adks=1309324074&ucis=9gz4yo3m1nzb&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=www.ivpressonline.com&loc=https%3A%2F%2Fwww.ivpressonline.com%2F&top=www.ivpressonline.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1750995675.1636448721&ga_sid=1636448725&ga_hid=2058394159&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

86e5f8e70584839d99ec3cab0bbac8fe4c53e5e143cd0c0b4c2bed47d31e3406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ivpressonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ecafd18a3ea3b8148b2000f40512e14f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8F7D 6 KB
3 KB 44ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ecafd18a3ea3b8148b2000f40512e14f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 09:05:25 GMT
expires: Wed, 09 Nov 2022 09:05:25 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D243 0
0 54ms
53ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtcb_3wXFWMxjixb8uQKp0GZQLCALLlVUcAublb-fn2TDh983P-aHbY3nzUyVKWwdxmcCXGFQ-2w_xBR11dTomUzTdFB_wcerspTEhBqRUG-_BRQZwSWpvMKijAap-gwrp38rcf1aQnIFCs0nZORzC4keSUZCBcHggzjUS3KCv1C5rGGiT8HdnHormqTXPJxODl-UtDgm5wNXRzAx-02stS0O7gLevOtTPZHrCg5_E9hvbhIoj3OKipDp8exmqqW9FdRFClFHHqx490dRoceHKBY0DNYk8E7IDOhZcRL3WW5SXI21lGLzVcfopAgj-nyI4pkTxf-p8ZHo6i8aBPhppnpJ8&sai=AMfl-YThYboQwYjqA6siCrEFtAmUGRwh8TrA7FtnZEFC7HiIx_A0lch5VxLtkYrMx0O07z82pcSGnYjkufx1Z0I5qb8RLKo305UPWOwSem4kK_HifkeZIDdv-CVzJKWVdtM7&sig=Cg0ArKJSzGq_BqYi_3dkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 09 Nov 2021 09:05:25 GMT

GET
DATA 200
OK truncated
/ Frame D243 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22ec5e6c4f0745076b79a07bf3accbdb29633457a8ad716ff9cdbcb36b8bd493

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK bc76bc75-c0e8-45b3-921d-bd34f23a5364
https://www.ivpressonline.com/ Frame 3E06 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ivpressonline.com/bc76bc75-c0e8-45b3-921d-bd34f23a5364
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 friends2follow_infinitescroll_and_share_follow.min.js Show response
yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1709 24 KB
13 KB 105ms
105ms XHR
application/javascript 52.3.82.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_infinitescroll_and_share_follow.min.js

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.82.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-82-27.compute-1.amazonaws.com

Software

Apache /

Resource Hash

479789ebc7c7b79e6b0a3cd5769880403fedb19890b2c1a959cdd9a400f90db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://yumasun.friends2follow.com/f2f/widget/html/socialstack/172/0/12/130/1/1/0/10
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Tue, 09 Nov 2021 09:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2017 17:48:57 GMT
server: Apache
age: 10
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=1209600
x-varnish: 413501792 413501589
accept-ranges: bytes
content-length: 13249
expires: Tue, 23 Nov 2021 09:05:15 GMT

GET
H2 200 container.html Show response
c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B4A4 6 KB
3 KB 308ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 09:05:25 GMT
expires: Wed, 09 Nov 2022 09:05:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 3E06 1 KB
1 KB 8ms
8ms Image
image/png 13.224.186.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 02:28:49 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 50051
etag: "cb93bb50e5d021cc38de445a672c18a2"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1094
x-amz-cf-id: _E07FsIP0ANtVWLOhpIIle_FTmzq20yv-UScfXyT1jyhCfNvS6zAHg==

GET
H2 200 facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 3E06 322 B
636 B 9ms
8ms Image
image/png 13.224.186.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:55:09 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 68727
etag: "311cf2edc46e82f2a6911332b7db54e1"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 322
x-amz-cf-id: eIdRimbZLA6v1T7j5T-eQn8ZS9xbpK2Kdd3TrHrjD-Y27hHBo341Tg==

GET
H2 200 twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 3E06 832 B
1 KB 9ms
8ms Image
image/png 13.224.186.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:02:39 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 49390
etag: "8be584e844dabfe22970a0cb943c047e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 832
x-amz-cf-id: pE6RCFDcm0YQC9LJ1REvRklyKnHruOwrxGyx_qziSVUUY0kmIG4-yQ==

GET
H2 200 email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 3E06 773 B
1 KB 9ms
9ms Image
image/png 13.224.186.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:37:53 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 59273
etag: "4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 773
x-amz-cf-id: 76_5uiCNSijGZfP8wzhUaj0Q7SEuyWyyhSexQpHN1V1z2b5OArF1bw==

GET
H/1.1 200
OK publisher_settings Show response
evvnt-api.global.ssl.fastly.net/publishers/ivpressonline.com/ Frame 64D8 6 KB
2 KB 436ms
401ms XHR
application/json 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://evvnt-api.global.ssl.fastly.net/publishers/ivpressonline.com/publisher_settings?api_key=

Requested by

Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

3fffa3b1ac035b49a95a182e4750479784d527070b6908bdead16bc7f5b88759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31535000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Via: 1.1 vegur, 1.1 varnish
X-Cache: MISS
Connection: keep-alive
Vary: Accept-Encoding, Origin
Content-Length: 1590
X-Xss-Protection: 1; mode=block
X-Request-Id: 85021b5c-b31c-4dae-adcc-0775ca98fa58
X-Served-By: cache-fra19126-FRA
X-Runtime: 0.031886
Server: Cowboy
X-Timer: S1636448726.015459,VS0,VE395
X-Frame-Options: SAMEORIGIN
Date: Tue, 09 Nov 2021 09:05:26 GMT
Access-Control-Max-Age: 7200
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Pagination-Current, X-Pagination-Pages, X-Pagination-Total
Cache-Control: max-age=600, public
Etag: W/"3fffa3b1ac035b49a95a182e47504797"
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK publisher_settings Show response
evvnt-api.global.ssl.fastly.net/publishers/ivpressonline.com/ Frame 64D8 6 KB
2 KB 435ms
401ms XHR
application/json 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://evvnt-api.global.ssl.fastly.net/publishers/ivpressonline.com/publisher_settings?api_key=

Requested by

Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

3fffa3b1ac035b49a95a182e4750479784d527070b6908bdead16bc7f5b88759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31535000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
Via: 1.1 vegur, 1.1 varnish
X-Cache: HIT
Connection: keep-alive
Vary: Accept-Encoding, Origin
Content-Length: 1590
X-Xss-Protection: 1; mode=block
X-Request-Id: 85021b5c-b31c-4dae-adcc-0775ca98fa58
X-Served-By: cache-fra19178-FRA
X-Runtime: 0.031886
Server: Cowboy
X-Timer: S1636448726.016552,VS0,VE394
X-Frame-Options: SAMEORIGIN
Date: Tue, 09 Nov 2021 09:05:26 GMT
Access-Control-Max-Age: 7200
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Pagination-Current, X-Pagination-Pages, X-Pagination-Total
Cache-Control: max-age=600, public
Etag: W/"3fffa3b1ac035b49a95a182e47504797"
Accept-Ranges: bytes
X-Cache-Hits: 1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3E06 138 B
825 B 59ms
33ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

dff15e07af8f0ea2fccff57d665d0063fd34750f00b28209c07a9dcd92ed0184

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 09:05:26 GMT
X-Proxy-Origin: 136.243.198.80; 136.243.198.80; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ab8f85a6-ff10-44cd-a18a-14ef8bf6ecd3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ivpressonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 3E06 173 B
388 B 83ms
19ms XHR
application/json 52.57.255.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.255.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-255-59.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7a527230d3ca129b0fd199db5340393417d671facbfa208004a7b91fae3773a0

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.ivpressonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 169
expires: 0

POST
H/1.1 204
No Content 229991 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 3E06 0
1 KB 158ms
51ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/229991
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Tue, 09 Nov 2021 09:05:26 GMT
X-SpotX-Timing-Transform: 0.000329
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.001365
X-spotx-Exception-0-RESULT: failure
X-SpotX-Timing-Page-Require: 0.000327
X-spotx-Exception-0-ID: MARKET_HALTED
Connection: keep-alive
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.028480
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000279
X-fe: 082
Last-Modified: Tue, 09 Nov 2021 09:05:26 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.024500
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ivpressonline.com
X-SpotX-Timing-Page-Misc: 0.001649
X-SpotX-Timing-Page-Exception: 0.000019
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.024500
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 3E06 0
222 B 77ms
8ms XHR
application/json 3.122.136.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SendtonewsDirect
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.136.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ivpressonline.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 3E06 24 B
377 B 50ms
26ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&r=%7B%22id%22%3A%22967a367501fdda%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221075c397c1e0be5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%2C%22sid%22%3A%22749x421%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A749%2C%22h%22%3A421%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%2C%22sizes%22%3A%5B%5B749%2C421%5D%5D%2C%22playerSize%22%3A%5B%5B749%2C421%5D%5D%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ivpressonline.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22sid%22%3A%22vIELRGjeioDxfMyKGHFQlg%22%2C%22hp%22%3A1%2C%22rid%22%3A%22da6ec3cd-f921-4ca8-83f4-0c4dcab8fe27%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22bf35582e-6696-486b-a5e7-1d8f7f8b8eb1%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-09T09%3A05%3A24%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D&ac=j&sd=1&nf=1
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ab5b0ad63a66822cf078261c09657c1571d0dd3253da9a2cad6ca468dbc96da

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.80], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ivpressonline.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Tue, 09 Nov 2021 09:05:26 GMT

GET
H2 200 avjp Show response
sendtonews-d.openx.net/v/1.0/ Frame 3E06 106 B
481 B 59ms
25ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sendtonews-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.ivpressonline.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9c922c68-bb8d-4761-8e7d-f71701405978&nocache=1636448725630&schain=1.0%2C1!sendtonews.com%2CvIELRGjeioDxfMyKGHFQlg%2C1%2Cda6ec3cd-f921-4ca8-83f4-0c4dcab8fe27%2C%2C&auid=540931806&vwd=749&vht=421
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:26 GMT
via: 1.1 google
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.ivpressonline.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 3E06 0
120 B 108ms
59ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ivpressonline.com
date: Tue, 09 Nov 2021 09:05:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 tag Show response
pi979-10rsz.ads.tremorhub.com/ad/ Frame 3E06 55 B
422 B 424ms
199ms XHR
application/json 2600:1f18:612b:4200:f618:eaed:4120:e6cb
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi979-10rsz.ads.tremorhub.com/ad/tag?adCode=pi979-bkhbg&playerWidth=749&playerHeight=421&srcPageUrl=https%3A%2F%2Fwww.ivpressonline.com%2F&supplyCode=pi979-10rsz&c4=ic_0702043,ic_9301104,ic_4962242,ic_9954675,ic_2592227&schain=1.0,1!sendtonews.com,vIELRGjeioDxfMyKGHFQlg,,da6ec3cd-f921-4ca8-83f4-0c4dcab8fe27,,&transactionId=9c922c68-bb8d-4761-8e7d-f71701405978&referrer=https%3A%2F%2Fwww.ivpressonline.com%2F&hb=1&fmt=json
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:f618:eaed:4120:e6cb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 025b0513b3f42471d06c42668a83e9d2fcebcf267fbb0895b8cb9114511662a6

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.ivpressonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: application/json;charset=UTF-8

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ Frame 3E06 0
436 B 32ms
12ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fwww.ivpressonline.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 09:05:26 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.80], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.ivpressonline.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Tue, 09 Nov 2021 09:05:26 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C8D4 107 B
165 B 17ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ivpressonline.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C8D4 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ivpressonline.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C8D4 342 B
174 B 254ms
254ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2642831976271669&correlator=414523334808942&output=ldjh&impl=fif&eid=31063406%2C44748552&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=132916964%2Civpressonline.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=6&cookie=ID%3D855c6868de9abe31%3AT%3D1636448721%3AS%3DALNI_MbLUAdLJzXhpbH9__Uq67eNW75sGw&cdm=www.ivpressonline.com&bc=31&abxe=1&lmt=1636448725&dt=1636448725768&dlt=1636448721882&idt=3827&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=8204&adks=2642056438&ucis=24pgrf5ffovj&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=www.ivpressonline.com&loc=https%3A%2F%2Fwww.ivpressonline.com%2F&top=www.ivpressonline.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=728x0&ga_vid=1750995675.1636448721&ga_sid=1636448726&ga_hid=803885129&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

44e27d81b5bf65b30534bcf5c53c30061a9ec2c4ae24d697d195c9a8612f62ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ivpressonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
86d9fe17ad8913f96795d1e3e76e6c24.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 09FD 6 KB
3 KB 50ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://86d9fe17ad8913f96795d1e3e76e6c24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 09:05:26 GMT
expires: Wed, 09 Nov 2022 09:05:26 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C8D4 0
0 42ms
42ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvOm14lpkByTqKhs8iFhJ3mEd8N_vx3U8zUk38WvudtSP3jJ6xuXBSGbUtE1gYgXyX_SFX8D1j7XvR91oDDqbhULWicM3O6VHDaqrqWeZq9ZE6sAIs0j9DsUbwflpFStNhldJYEnSkIPyrTon9NLwPxxpOvUEtE3IHbpGYgTeoKW7Qq_iOyHxtAtmYjVxmbzY5sHV6ydEw54nGa_uBg9OcoRadSK3ExqDN2e0tSaNvK0WHFNwaMwwROC6KPLJ_bF8TscDnaHps7doDqAS0s7uaIgAK0oMuei9XrvL2Dix6sj7HZrdNnnrUYglG3LhVjsp9DxgeISQCZuDABQVyde8&sai=AMfl-YQi9q8QOCvI6AhV9fE0_kqU6b3hfUVY41_n85ZBv3yHwLc8wr4F0W-gcRpjHkjq_iDnO2E41Ee8SxNLqHmr-ft5tbbEICOiVMwZxFTheX9A_nL65tRJ9db-wIHMueNH&sig=Cg0ArKJSzCwkYRGlmiqaEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 09 Nov 2021 09:05:26 GMT

GET
DATA 200
OK truncated
/ Frame C8D4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0be94cf5f4248f382616d037d14983bb51168a7d166bffa57bf74084050f7af0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 077E 37 KB
13 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 09 Nov 2021 09:18:40 GMT

POST
H2 204 collect
www.google-analytics.com/g/ Frame 64D8 0
56 B 14ms
14ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LM5S7ZWXZV&gtm=2oeb80&_p=868411477&sr=1600x1200&ul=en-us&cid=1750995675.1636448721&_s=1&dl=https%3A%2F%2Fwww.ivpressonline.com%2F&dt=Evvnt%20Discovery%20Plugin&sid=1636448724&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LM5S7ZWXZV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ivpressonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2611 42 B
108 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKcc8a7Gyk-kxnw8zzMwjZrpu8v9jyzCGiCYaVZz32YfPjpmpdcwi8eD2exVFUJi_DPismZzkh-lZBV9LlopsHdMbxKsVFQGPbBbjJp0GKyeHwZdww&sig=Cg0ArKJSzE_l9C4YsHfhEAE&id=lidar2&mcvt=1200&p=799,1039,1049,1339&mtos=1200,1200,1200,1200,1200&tos=1200,0,0,0,0&v=20211108&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1676280003&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636448721528&rpt=3169&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 1709 96 KB
29 KB 40ms
16ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (frb/67AA)
Age: 1072
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29104

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 1709 52 KB
21 KB 63ms
39ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e21aa289818ac270e2647b8f04a0b04a78716f57797940f6fea477c6d03b7e56

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8EGkDpLA0escaiNd0G4sGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "b25f111da50a2c91d2f1bce5d2447ba4"
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-8EGkDpLA0escaiNd0G4sGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires: Tue, 09 Nov 2021 09:05:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame C454 90 KB
36 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-96861365-1

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/embed_market_overview_widget.ae564b5a3e4eedf4b678.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5633b1de3e377c75761bb451d5fae5e0d8f5f2322ccb760a98d564aec84b0355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36401
x-xss-protection: 0
expires: Tue, 09 Nov 2021 09:05:26 GMT

GET
H2 200 305.ec7ca0f804a63d865c10.css
s.tradingview.com/static/bundles/embed/ Frame C454 801 B
757 B 8ms
7ms Stylesheet
text/css 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/305.ec7ca0f804a63d865c10.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b59d080c3bb551db41c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 10:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2242159
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 14 Oct 2021 08:46:20 GMT
server: tv
etag: W/"6167ee5c-104"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: vtJTU1IhXacWDXBw1WAqTTan4mnKB2insvcpnucFMigNa_MtWPZy3A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tradingview-copyright-data-impl.bc2a1d12352656925c8a.js Show response
s.tradingview.com/static/bundles/embed/ Frame C454 4 KB
3 KB 8ms
7ms Script
application/javascript 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/tradingview-copyright-data-impl.bc2a1d12352656925c8a.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b59d080c3bb551db41c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

6f4c7baf55e7c028d298c83e4a92e38dd451d5c025ed77ddc4703f4e0fb66253

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 11:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6385999
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 27 Aug 2021 09:21:05 GMT
server: tv
etag: W/"6128ae81-8cc"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: YZSB888nf4KmRCxtz3pl92aufgnVnIr1ANfFE1dowQ19uZGHgeQACg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 48.9078fb8f1629e3eee9bd.css
s.tradingview.com/static/bundles/embed/ Frame C454 4 KB
1 KB 8ms
7ms Stylesheet
text/css 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/48.9078fb8f1629e3eee9bd.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b59d080c3bb551db41c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

967c00071fa379622aedf84e215f7fe3fc73a7bfe167ecbd246e613cccd68326

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2415319
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Tue, 12 Oct 2021 08:49:16 GMT
server: tv
etag: W/"61654c0c-3da"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: H_mYAlobxUUkGV64D_9QX2qrE5XK3k33Z1xdZ9vN0oi6PkGdCTeVJQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 167.9110e93f1e53c3c319b9.css
s.tradingview.com/static/bundles/embed/ Frame C454 3 KB
1 KB 8ms
8ms Stylesheet
text/css 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/167.9110e93f1e53c3c319b9.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b59d080c3bb551db41c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

401648263b2e824940392d7846ea093e62d13ceaef308d854696d839d109fdb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 10:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1032619
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 28 Oct 2021 08:50:34 GMT
server: tv
etag: W/"617a645a-38a"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: QVJbAnkqkcXD7u2UtRlg_iMVl37BknD0YPmsUN4YAWadpMaIudhVSw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 225.dacaab2695d721575e15.css
s.tradingview.com/static/bundles/embed/ Frame C454 2 KB
1 KB 9ms
8ms Stylesheet
text/css 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/225.dacaab2695d721575e15.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b59d080c3bb551db41c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

f179d9e9a27b609a2e24166123c777dc60d125cca6fcf6fe8b2c8e2e75013881

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 10:15:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1032615
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Thu, 28 Oct 2021 08:50:35 GMT
server: tv
etag: W/"617a645b-259"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ddcrlEX-qOTwwVXtVFKhcA9qlUtJBPcmCQJbM0Z47EZKYPwsRW9T6g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0.b50c6303aea394b27ce8.js Show response
s.tradingview.com/static/bundles/embed/ Frame C454 120 KB
40 KB 9ms
8ms Script
application/javascript 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/0.b50c6303aea394b27ce8.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b59d080c3bb551db41c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

3c32fcaa22c2178b3c28ca8085bb1f30f7b2f6c0fdf5db53422ac28ad6150209

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2473230
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 11 Oct 2021 09:47:00 GMT
server: tv
etag: W/"61640814-9b11"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Tlfv98tJxusISHKmBk2vJfCdHYwdhHvBUgyVcQZXLkmOWvU-P6YFlQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10.e6a02768c4ed414d266f.js Show response
s.tradingview.com/static/bundles/embed/ Frame C454 8 KB
3 KB 10ms
9ms Script
application/javascript 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/10.e6a02768c4ed414d266f.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b59d080c3bb551db41c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

74aa6fb66a0a982cf50725b974770201327b4916552e4b4f6063a466d3dd06e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 682220
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Nov 2021 10:37:14 GMT
server: tv
etag: W/"617fc35a-9c8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: m3RxPn1wMnsY7dkCeH7exlpysxBoh3-mqyYqnRWKvT5lz-xgAFVjNQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 16.59706ee061f3352fe294.js Show response
s.tradingview.com/static/bundles/embed/ Frame C454 17 KB
6 KB 10ms
9ms Script
application/javascript 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/16.59706ee061f3352fe294.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b59d080c3bb551db41c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

0ca25a5e5a63db64127da8be18cc390fa09e78b2619763dab21d9ae65ef28418

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 23:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3145793
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Fri, 01 Oct 2021 11:50:50 GMT
server: tv
etag: W/"6156f61a-15bf"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: IHdszpaiLsJd5NGTBVjRRZ3Z7WE_jUxOPs-gaYnAGiSjJ3afgCfJ1g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 47.16fbbe8f88aa57b0e472.js Show response
s.tradingview.com/static/bundles/embed/ Frame C454 5 KB
2 KB 10ms
9ms Script
application/javascript 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/47.16fbbe8f88aa57b0e472.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b59d080c3bb551db41c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

1d08186d26c440375e0f6a03ea56ede4ceb2ed87ff149c6d61c04bb186fe28e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 10:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5351779
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 08 Sep 2021 09:32:21 GMT
server: tv
etag: W/"61388325-62c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: GwPTkpEVpMcPOGh7JsYvkV6J331XjCKaxYNwEf8YW7jcl3DDjN8w8A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 create-tab-labels-impl.3e87f0ca71055c01424c.js Show response
s.tradingview.com/static/bundles/embed/ Frame C454 11 KB
5 KB 11ms
10ms Script
application/javascript 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/create-tab-labels-impl.3e87f0ca71055c01424c.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b59d080c3bb551db41c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

1d6b9def25663bab45e8cffa49ba5a9a995ad73b9294efd1f9938257df5c8427

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5952678
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Wed, 01 Sep 2021 09:36:54 GMT
server: tv
etag: W/"612f49b6-10d4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: N2yPd6YR3_XXmh7cb1mE6pd6i_7vqjaPNZxRZbYLt002vxW9DFMHTg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK / Show response
evvnt-plugin-proxy.global.ssl.fastly.net/ Frame 64D8 2 KB
1 KB 128ms
95ms XHR
application/json 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://evvnt-plugin-proxy.global.ssl.fastly.net/?publisher_id=8197&api_key=IVPRESSONLINE&facet_filters=%5B%22featured_publisher_ids%3A8197%22%2C%22blacklisted_publisher_ids%3A-8197%22%2C%5B%22editorial_tools_publisher_ids_filter%3A8197%22%2C%22editorial_tools_publisher_ids_filter%3Abackfill%22%5D%5D&hits_per_page=3&page=0&include_in_progress=true&catchments_hash=265463342

Requested by

Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

3be85bad3a3e487735dc0beea94a98820dfb19623ad6aec0513017c9984311ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:26 GMT
Via: 1.1 vegur, 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 3330
X-Cache: HIT, MISS
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 751
X-Served-By: cache-dca17727-DCA, cache-fra19129-FRA
Server: Cowboy
X-Timer: S1636448727.560442,VS0,VE88
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3871, stale-while-revalidate=60, stale-if-error=43200
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 64D8 75 KB
76 KB 28ms
12ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.ivpressonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 1237726
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 619c17094574e80765055d72ee6bfdd9
accept-ranges: bytes
cf-ray: 6ab5e11cee404ed3-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 64D8 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ivpressonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 42809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 21:11:57 GMT

GET
H/1.1 200
OK / Show response
evvnt-plugin-proxy.global.ssl.fastly.net/ Frame 64D8 2 KB
1 KB 115ms
93ms XHR
application/json 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

3be85bad3a3e487735dc0beea94a98820dfb19623ad6aec0513017c9984311ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:26 GMT
Via: 1.1 vegur, 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 3330
X-Cache: HIT, HIT
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 751
X-Served-By: cache-dca17727-DCA, cache-fra19128-FRA
Server: Cowboy
X-Timer: S1636448727.562375,VS0,VE86
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3871, stale-while-revalidate=60, stale-if-error=43200
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3E06 3 KB
2 KB 60ms
37ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/92056281/imperialvalleypress-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https://www.ivpressonline.com/&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=1247804&cust_params=sessionKey=214062640-22Zx-fvNwpFFs8y5%26schain=sendtonews.com,vIELRGjeioDxfMyKGHFQlg%26content=9956%26placementType=Premium%26embed=5b3IdoCM%26domain=ivpressonline.com%26player_size=large%26player_width=749%26player_height=421%26player_type=barker%26version=65.21.7%26player_status=LVFNLNIY%26play_code=2008%26view100=1%26excl_cat=stl_id00189%26rand=14%26devicetype=desktop%26iris_id=iris_6f4e795efc4f7999%26iris_context=ic_0702043,ic_9301104,ic_4962242,ic_9954675,ic_2592227

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ce1aca167efbc21d5b4054402eb6dc9b7d203cb5eb8047d2dce6660e7ce0dae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 964
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.ivpressonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9419 12 KB
9 KB 20ms
20ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca508bb8d27607a13ebcab6dd5266f8de233bccca1c3add8323138b5d7f5fd7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9410
x-xss-protection: 0

GET
H2 200 bl-null.js Show response
tagan.adlightning.com/townnews/ Frame B4A4 0
356 B 403ms
403ms Script
text/plain 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-null.js
Requested by: Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: sioiBZ23vWdRQHGqdFj0Itnffu8xR4D.
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jun 2020 18:38:17 GMT
server: AmazonS3
age: 14432
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/plain
date: Tue, 09 Nov 2021 06:54:58 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: jO6umH2Fzea_txaH1wFcxRCfvCJLqkZL6f59feRLpDl_RaBD3LJJCw==

GET
H2 200 b-null.js Show response
tagan.adlightning.com/townnews/ Frame B4A4 0
356 B 388ms
388ms Script
text/plain 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-null.js
Requested by: Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: sioiBZ23vWdRQHGqdFj0Itnffu8xR4D.
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jun 2020 18:38:17 GMT
server: AmazonS3
age: 14432
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/plain
date: Tue, 09 Nov 2021 06:54:58 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 9edeuGGSkJwgioRa86UfamuPnCuNyjNzBpA6WcYATgFWz95MpKbCXA==

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B4A4 42 B
286 B 41ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BsnNG9tjG_VYGCwuiVVRalTBoNjalV8lcDiGp9crCC1iMBR-NiHc7U-4rUo7PaYRqMvwbLFmpxsULZsJriH07YhHs93majJaSTy9v3nPrIRzjxkPg

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame B4A4 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 09:03:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4A4 121 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 09:05:27 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame B4A4 15 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 09:02:59 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D243 12 KB
9 KB 21ms
20ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea87d66514e6957a76b4cb3bcd3df768f04487e2f3e0ce52b72c9027821b7b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9348
x-xss-protection: 0

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame 0FDF 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fyumasun.friends2follow.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1595013
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 09 Nov 2021 09:05:26 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6731)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3E06 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ivpressonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 427.eed2a0543de78f48cd7e.css
s.tradingview.com/static/bundles/embed/ Frame C454 802 B
838 B 8ms
8ms Stylesheet
text/css 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/427.eed2a0543de78f48cd7e.css

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b59d080c3bb551db41c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

4a9732d23296237036ee1a40b16aa13d6d80f933e783c3b86f543504b34b52d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2501118
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 11 Oct 2021 09:46:57 GMT
server: tv
etag: W/"61640811-154"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: LPY-XYqT3NCPeFqa2sjyvh0oWvrg8gt7Sor0HLfVDvJPU6xKD3bXsw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 time-frame-view-renderer.806add843185130edcd9.js Show response
s.tradingview.com/static/bundles/embed/ Frame C454 11 KB
5 KB 8ms
8ms Script
application/javascript 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tradingview.com/static/bundles/embed/time-frame-view-renderer.806add843185130edcd9.js

Requested by

Host: s.tradingview.com
URL: https://s.tradingview.com/static/bundles/embed/runtime.b59d080c3bb551db41c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

tv /

Resource Hash

fcddb01854139eb257231ab7cf53828c4271e22b6de566e51486726ae97ada0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/embed-widget/market-overview/?locale=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 11:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6125299
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
referrer-policy: origin-when-cross-origin
last-modified: Mon, 30 Aug 2021 09:58:29 GMT
server: tv
etag: W/"612cabc5-10fb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Zoc8BDyB3b-lFWneA1NOxTel_0_i9gRnnaS4xjMBoO9pwzMS1cL8Qw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9419 17 KB
7 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 09 Nov 2021 09:05:26 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D243 17 KB
6 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 09 Nov 2021 09:05:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C454 49 KB
20 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-96861365-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tradingview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3892
date: Tue, 09 Nov 2021 08:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Nov 2021 10:00:34 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C8D4 12 KB
9 KB 21ms
21ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b9725e198943fc29b22ee3fb85a811bc403cb56a8ae779382037d34b1e1d2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9294
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
evvnt-plugin-proxy.global.ssl.fastly.net/ Frame 64D8 8 KB
3 KB 95ms
95ms XHR
application/json 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://evvnt-plugin-proxy.global.ssl.fastly.net/?publisher_id=8197&api_key=IVPRESSONLINE&facet_filters=%5B%22country.iso_code%3AUS%22%2C%22blacklisted_publisher_ids%3A-8197%22%2C%5B%22sources%3Ageotix%22%2C%22sources%3Agoldstar%22%2C%22sources%3Aticketmaster%22%2C%22sources%3Aactive_network%22%5D%2C%5B%22editorial_tools_publisher_ids_filter%3A8197%22%2C%22editorial_tools_publisher_ids_filter%3Abackfill%22%5D%5D&hits_per_page=80&page=0&include_in_progress=false&catchments_hash=265463342

Requested by

Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

3520224fdd33ef40a4e408962cdd52d34a8109d8d9128e3bcd7d534a289bad46

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:26 GMT
Via: 1.1 vegur, 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 2632
X-Cache: HIT, MISS
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2544
X-Served-By: cache-dca17777-DCA, cache-fra19128-FRA
Server: Cowboy
X-Timer: S1636448727.717050,VS0,VE88
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3683, stale-while-revalidate=60, stale-if-error=43200
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

GET
H/1.1 200
OK / Show response
evvnt-plugin-proxy.global.ssl.fastly.net/ Frame 64D8 8 KB
3 KB 90ms
90ms XHR
application/json 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

3520224fdd33ef40a4e408962cdd52d34a8109d8d9128e3bcd7d534a289bad46

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:26 GMT
Via: 1.1 vegur, 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 2632
X-Cache: HIT, HIT
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2544
X-Served-By: cache-dca17777-DCA, cache-fra19129-FRA
Server: Cowboy
X-Timer: S1636448727.721213,VS0,VE84
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3683, stale-while-revalidate=60, stale-if-error=43200
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C8D4 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 09 Nov 2021 09:05:26 GMT

GET
DATA 200
OK truncated
/ Frame 1709 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F388 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 09 Nov 2021 08:43:00 GMT
expires: Wed, 09 Nov 2022 08:43:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 304C 783 B
999 B 18ms
18ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

311f39d523efe3d8eed0bf2bda6c76a4716b94c80c233bcdce177f1516693dfc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I5Uqr0+dlLC/ao7w7WsjWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 09 Nov 2021 09:05:26 GMT
date: Tue, 09 Nov 2021 09:05:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-I5Uqr0+dlLC/ao7w7WsjWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 334F 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 09 Nov 2021 08:43:00 GMT
expires: Wed, 09 Nov 2022 08:43:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9976 783 B
744 B 17ms
17ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ebf16e943257b7a1752da8d064e8b9fce97a82eeb2897defcc54072462099d26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J63aXUBya1x9HfK0Wb3BfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 09 Nov 2021 09:05:26 GMT
date: Tue, 09 Nov 2021 09:05:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-J63aXUBya1x9HfK0Wb3BfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
evvnt-plugin-proxy.global.ssl.fastly.net/ Frame 64D8 9 KB
3 KB 94ms
94ms XHR
application/json 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://evvnt-plugin-proxy.global.ssl.fastly.net/?publisher_id=8197&api_key=IVPRESSONLINE&facet_filters=%5B%22publisher_ids%3A8197%22%2C%22sources%3Aevvnt%22%2C%22blacklisted_publisher_ids%3A-8197%22%2C%5B%22editorial_tools_publisher_ids_filter%3A8197%22%2C%22editorial_tools_publisher_ids_filter%3Abackfill%22%5D%5D&hits_per_page=20&page=0&include_in_progress=false&catchments_hash=265463342

Requested by

Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

0231c9b6e4ca8b4732855b335f2e8e90ae1847faaa79b1c9237cd71c71fe0b85

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:26 GMT
Via: 1.1 vegur, 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 3062
X-Cache: HIT, MISS
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2665
X-Served-By: cache-dca12928-DCA, cache-fra19128-FRA
Server: Cowboy
X-Timer: S1636448727.890664,VS0,VE87
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3675, stale-while-revalidate=60, stale-if-error=43200
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

GET
H/1.1 200
OK / Show response
evvnt-plugin-proxy.global.ssl.fastly.net/ Frame 64D8 9 KB
3 KB 90ms
90ms XHR
application/json 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

0231c9b6e4ca8b4732855b335f2e8e90ae1847faaa79b1c9237cd71c71fe0b85

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:26 GMT
Via: 1.1 vegur, 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 3062
X-Cache: HIT, HIT
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2665
X-Served-By: cache-dca12928-DCA, cache-fra19129-FRA
Server: Cowboy
X-Timer: S1636448727.894768,VS0,VE83
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3675, stale-while-revalidate=60, stale-if-error=43200
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1CDE 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 09 Nov 2021 08:43:00 GMT
expires: Wed, 09 Nov 2022 08:43:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F3D9 783 B
761 B 16ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b4151499f4ef86a17651977703e3b570bffe8e23e6fc3fcb3f2573cff4bd332c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dPj5wciBtKlSts0Ii1YZiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 09 Nov 2021 09:05:27 GMT
date: Tue, 09 Nov 2021 09:05:27 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-dPj5wciBtKlSts0Ii1YZiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 0FDF 232 B
448 B 135ms
118ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=84751220036df5954f1e6bf7d9fcf6156281063d

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fyumasun.friends2follow.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time: 111
date: Tue, 09 Nov 2021 09:05:26 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 09:05:27 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: d13ff17fb5570a7ca4b89699758984652b40f090e8c8a0b302fbe6cb3eee516a
content-length: 166

GET
H2 200 powered_by_evvnt.png
discovery.evvnt.com/prd/current/ Frame 64D8 1 KB
1 KB 7ms
7ms Image
image/png 2600:9000:20eb:9000:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discovery.evvnt.com/prd/current/powered_by_evvnt.png
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa3b0b0b923bac2349785995c9658d67ebd1b17fcf15f250ad3caea606c488fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:19:58 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Thu, 04 Nov 2021 18:59:05 GMT
server: AmazonS3
age: 20741
etag: "75b50d165228a4223db525417fd3d99f"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1056
x-amz-cf-id: 2OFdSo6aF5UxN76Lz-SylKtLiR99bS-oC28z1bz7JS_g5I5d3y-u8w==

GET
H/1.1 200
OK 01fdde77-4a94-4b8c-9319-65fcf0986490.jpg
photos-images.active.com/file/3/1/original/01/fd/ Frame 64D8 57 KB
58 KB 98ms
7ms Image
image/jpeg 104.111.244.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://photos-images.active.com/file/3/1/original/01/fd/01fdde77-4a94-4b8c-9319-65fcf0986490.jpg

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.244.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-244-56.deploy.static.akamaitechnologies.com

Software

Resource Hash

d8371d564e0aaf8c705bbba87f1bc467edbaacd990df60bf8517bb29797b3a1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';img-src 'self' data
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';img-src 'self' data
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Jul 2021 17:06:44 GMT
ETag: "60f9a5a4-e57c"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=86400
Date: Tue, 09 Nov 2021 09:05:27 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58748
X-XSS-Protection: 1; mode=block

GET
H2 200 featured_NPD_2021_Banner_CC.png
cdn.prod.mktg.evvnt.com/uploads/event_image/956007/event_image/ Frame 64D8 51 KB
51 KB 93ms
12ms Image
image/png 2600:9000:21f3:a200:8:4487:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.mktg.evvnt.com/uploads/event_image/956007/event_image/featured_NPD_2021_Banner_CC.png
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:8:4487:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e976d5f8812663b24e4a069f1dbf2fa08738fc2a06f496414946c37f929659a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 12:56:59 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
last-modified: Fri, 08 Oct 2021 16:53:57 GMT
server: AmazonS3
age: 1886909
etag: "332d397ea35519da6292ca20622a8458"
x-cache: Hit from cloudfront
x-amz-version-id: _LhyB6kBh0AQ6lAUzncy8JJYJHz7uZ4h
cache-control: max-age=315576000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
content-length: 51862
x-amz-cf-id: 9xNfIQI-JzWBk1AfnY7OgOpZwpiKuo7cUrXKej32ULOs-mo88vNitw==

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 91A1 0
117 B 44ms
29ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F957882267605246&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .vrich619.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 1BompwA8yKOSuc6IQC/2rNbaYirpyiqgWEFoye48uLp0ZHJoAmQJBiFttCoSjsQ9H33Qg4zRb2YXlRih5iPqcA==
content-length: 0
date: Tue, 09 Nov 2021 09:05:27 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 2B2F 0
120 B 42ms
29ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F225615167484381&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .vrich619.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: OcWzxAAViEGp/DXQUEkTQ0BNUgcpWgus/nPljxyLhI0dC8jFlgmK0AhARG23PAn6cjdz4nNMg+DQoHXWfNQyYA==
content-length: 0
date: Tue, 09 Nov 2021 09:05:27 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 4968 0
121 B 40ms
30ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F225615167484381&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .vrich619.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: BlRp/PDPPHOgoTUwkpPM+I8SdfcXvxOpwvx7Cym4f6+DJkKq6Hkqw4HQibqGRao3/V9WRHLUZC1OOZcCz8ZwLQ==
content-length: 0
date: Tue, 09 Nov 2021 09:05:27 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 4E0A 0
119 B 39ms
32ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F225615167484381&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .vrich619.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: XNOnP7wxwEMeb/cqRFJQgj47WxrZQeRD9CfpUJN9mkIbViIFYdZqw9ku0vkHdwUElBs1AGilVOi+tE8aSTiwYw==
content-length: 0
date: Tue, 09 Nov 2021 09:05:27 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame E1D3 0
117 B 36ms
31ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F225615167484381&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .vrich619.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: jhlMk305aWGFVoqzo/aFfxJpTaTeEmgR8SqkAHi/LaWH5BBnZoNjv73eyVVbgClVZhSMDzQ4tHc/ml0EjaiVhw==
content-length: 0
date: Tue, 09 Nov 2021 09:05:27 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 6462 0
118 B 37ms
33ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F225615167484381&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .vrich619.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: rksHMs/T3sSqdQM55br51xQvpZACP2+BwuxNlJe5Wt6mKrHmCfeuRqJoLZiKK8Y5tnfd1WZuE/jowAoPpRR8wA==
content-length: 0
date: Tue, 09 Nov 2021 09:05:27 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame F308 0
3 KB 29ms
28ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F957882267605246&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .vrich619.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: zwTQdRhIdkmNah2gtNqvQSlLRJENK5FDAEvjixPofqp5+a9bElaYMEhzUYOrDKMDnq0sIrOBa6xkX9kbL9D+CA==
content-length: 0
date: Tue, 09 Nov 2021 09:05:27 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 389F 0
119 B 31ms
31ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F225615167484381&width&layout=button&action=like&show_faces=false&share=false&height=35&appId=112442425620252

Requested by

Host: yumasun.friends2follow.com
URL: https://yumasun.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .vrich619.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: WFAmxRrkpRPARNi6meLGyhjc6Zccva1KbYMmtT/JkP4o4CzaHIbf3nfhSDInhDxJK2jhnCwLGaEi+DZCWkPj3Q==
content-length: 0
date: Tue, 09 Nov 2021 09:05:27 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 252756153_4628022883924481_1393475449389390902_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t1.6435-9/ Frame 1709 17 KB
17 KB 292ms
94ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t1.6435-9/252756153_4628022883924481_1393475449389390902_n.jpg?_nc_cat=101&ccb=1-5&_nc_sid=110474&_nc_ohc=K5X4_LBmYwcAX8jdJCe&_nc_ht=scontent-iad3-1.xx&edm=AKK4YLsEAAAA&oh=15263234a76157ec9bb21fa5d1d37716&oe=61ABCA31
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: befee8188f3d1a2c4ca0ef95bfc9fcf0c4ae92bee5a1db220ca8b942a5686de6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-haystack-needlechecksum: 3958982242
date: Tue, 09 Nov 2021 09:05:27 GMT
x-fb-trip-id: 1814657579
last-modified: Sat, 06 Nov 2021 19:25:22 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3244996046
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 16921

GET
H2 200 249665343_4610289072364529_2385154158303542382_n.jpg
scontent-ort2-2.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame 1709 2 KB
2 KB 340ms
110ms Image
image/jpeg 2a03:2880:f027:212:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ort2-2.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/249665343_4610289072364529_2385154158303542382_n.jpg?_nc_cat=110&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=VHj0-3ikXboAX_sdXa6&_nc_ht=scontent-ort2-2.xx&edm=AOf6bZoEAAAA&oh=15b74218aebcac17e1ce3ce183f7e93b&oe=61AFD911
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f027:212:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d0e5c8b2e4d1c580ee976bb182f0f816552a0c21a45e9577009d2f2da474f75c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-haystack-needlechecksum: 3053099141
date: Tue, 09 Nov 2021 09:05:27 GMT
x-fb-trip-id: 1781455057
last-modified: Mon, 01 Nov 2021 05:47:26 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3567112510
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1626

GET
H/1.1 200
OK 4734151b7bac0ecde3cf3f2e7922fb3db0f3fde485e225a401f942999100357b
friends2follow-us.s3.amazonaws.com/external-images/ Frame 1709 39 KB
40 KB 416ms
123ms Image
image/jpeg 52.216.99.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friends2follow-us.s3.amazonaws.com/external-images/4734151b7bac0ecde3cf3f2e7922fb3db0f3fde485e225a401f942999100357b
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.99.139 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7bcf302cdc92fc3043cd1db9a8d97c97e9477da1dc8cdc3d202c6b4f4287953e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:28 GMT
x-amz-expiration: expiry-date="Sat, 05 Mar 2022 00:00:00 GMT", rule-id="Rule for : external-images/"
Last-Modified: Thu, 04 Nov 2021 22:10:08 GMT
Server: AmazonS3
x-amz-request-id: W8BENSRBYPBJQHP4
ETag: "77ae34e110d1312a2affa2ab7beec119"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 40219
x-amz-id-2: KDqtrfY8v97Ky12xLYXV0zk3AvmJYr/LPXmuG+4mPEdiAGzsVIEe9mtr94I/VlMMXjpC8p9O2Zs=

GET
H2 200 71829971_2531757103536831_4642863881813753856_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame 1709 2 KB
2 KB 301ms
104ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/71829971_2531757103536831_4642863881813753856_n.jpg?_nc_cat=101&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=JbZVGDOEi34AX913LbB&_nc_oc=AQlpOox48BvgjoE3PUAWt2IMz9OEt1QtxS18Q4bvBoOGB3fsa6uOh7aQTmQzIutUEDM&_nc_ht=scontent-iad3-1.xx&edm=AOf6bZoEAAAA&oh=ef7953bb04cd773f9d6a150d03c3d165&oe=61AC47BE
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fa017661d5cc9c4f9ef638ab2dc780edfa9bde81a4a3a7f320a1f2768f6824b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-haystack-needlechecksum: 3786003748
date: Tue, 09 Nov 2021 09:05:27 GMT
x-fb-trip-id: 1814657579
last-modified: Tue, 08 Oct 2019 19:59:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3937154152
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1845

GET
H/1.1 200
OK 86a01a8f85f5ed40aa99df5d784d0974c00379d9f6b3ca05d93ffaad8a68d90a
friends2follow-us.s3.amazonaws.com/external-images/ Frame 1709 30 KB
30 KB 417ms
120ms Image
image/jpeg 52.216.99.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friends2follow-us.s3.amazonaws.com/external-images/86a01a8f85f5ed40aa99df5d784d0974c00379d9f6b3ca05d93ffaad8a68d90a
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.99.139 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1d2cdd4b89077b34c4f0b880c44a410ff9800fdda5a4d4b83c995bd921f13a86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:28 GMT
x-amz-expiration: expiry-date="Sat, 05 Mar 2022 00:00:00 GMT", rule-id="Rule for : external-images/"
Last-Modified: Thu, 04 Nov 2021 21:34:08 GMT
Server: AmazonS3
x-amz-request-id: W8B115F6M1X0NJWR
ETag: "2c39bb3dfae4c1268a24d8cbeec039f6"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 30578
x-amz-id-2: Hqn6zqt0wwrSe1CAZqWfkUBV+6eySyyAr30lmosgQnotsMYSkHwbZxoSlgQxfohEdKKvW3tRnak=

GET
H/1.1 200
OK bc408ec629127cd8b57e772809858f0d620231bb0778233731b5990bf3107ef7
friends2follow-us.s3.amazonaws.com/external-images/ Frame 1709 43 KB
43 KB 427ms
130ms Image
image/jpeg 52.216.99.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friends2follow-us.s3.amazonaws.com/external-images/bc408ec629127cd8b57e772809858f0d620231bb0778233731b5990bf3107ef7
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.99.139 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1d2c8b307795d82508b6a20926ba598fb16382f3badc56476e579563d39d1177

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:28 GMT
x-amz-expiration: expiry-date="Sat, 05 Mar 2022 00:00:00 GMT", rule-id="Rule for : external-images/"
Last-Modified: Thu, 04 Nov 2021 19:28:04 GMT
Server: AmazonS3
x-amz-request-id: W8B0BEPAWF7CYJPX
ETag: "0ddf41eb48308044e7731c679c119430"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 43681
x-amz-id-2: S+Qh4dG8SkAgK0Rw9UVCSRKrbI02YxJNND8oGztguY63KpLCBjJ6X6k5jnYzzt/z8lZX7+RgIWA=

GET
H/1.1 200
OK 626f27fdc90ccdbcc9c3f0ae2027d115592e1b429afa3158c55a8e719365f19d
friends2follow-us.s3.amazonaws.com/external-images/ Frame 1709 63 KB
64 KB 428ms
129ms Image
image/jpeg 52.216.99.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friends2follow-us.s3.amazonaws.com/external-images/626f27fdc90ccdbcc9c3f0ae2027d115592e1b429afa3158c55a8e719365f19d
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.99.139 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d8cfae2504081bde727eae60ac5f3f199092eee7942a10627f5eb07ee2414514

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:28 GMT
x-amz-expiration: expiry-date="Fri, 04 Mar 2022 00:00:00 GMT", rule-id="Rule for : external-images/"
Last-Modified: Wed, 03 Nov 2021 21:46:04 GMT
Server: AmazonS3
x-amz-request-id: W8B188BR9Z6V8PVD
ETag: "b8e4ec67c1905143b014deac1cdbfdb4"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 64608
x-amz-id-2: AmvzhFIKrcOE+CeC/hNw0aOq1I2PLMwYi40M1auKYxxrlV7unsSGTcCJE8CsEENRSDrNJcfhmLs=

GET
H/1.1 200
OK 428ca91b45b03c4e1d7274d1433a8574e3f76846b6da60473568fa5bbef4ebb9
friends2follow-us.s3.amazonaws.com/external-images/ Frame 1709 37 KB
38 KB 433ms
130ms Image
image/jpeg 52.216.99.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friends2follow-us.s3.amazonaws.com/external-images/428ca91b45b03c4e1d7274d1433a8574e3f76846b6da60473568fa5bbef4ebb9
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.99.139 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf2bcb5727a3971306c7c5f676a290ead444c4712f4feba0fbd4cfc6b33e683c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:28 GMT
x-amz-expiration: expiry-date="Wed, 02 Mar 2022 00:00:00 GMT", rule-id="Rule for : external-images/"
Last-Modified: Mon, 01 Nov 2021 17:16:08 GMT
Server: AmazonS3
x-amz-request-id: W8B5VZWEQ4NT3JKH
ETag: "7c3f5ce6cd6d181b95ef19f78cf8c79c"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 38384
x-amz-id-2: uobu8tbnrV4aauYsbTQvjoqbn6b40jbYz9rKo7uA3MD75LqpbrIX3+ar/vrSWR7zevdwC74bUJ0=

GET
H/1.1 200
OK cbe2e57568f6098413f367601f45707e10dab1a92a8d2c8e13b77bdab6689aa6
friends2follow-us.s3.amazonaws.com/external-images/ Frame 1709 36 KB
36 KB 427ms
124ms Image
image/jpeg 52.216.99.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friends2follow-us.s3.amazonaws.com/external-images/cbe2e57568f6098413f367601f45707e10dab1a92a8d2c8e13b77bdab6689aa6
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.99.139 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 23db48699ea20c5696927ce049e6d4ab44a23a0206d6d3b2295183571ea82cc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:28 GMT
x-amz-expiration: expiry-date="Wed, 02 Mar 2022 00:00:00 GMT", rule-id="Rule for : external-images/"
Last-Modified: Mon, 01 Nov 2021 05:56:04 GMT
Server: AmazonS3
x-amz-request-id: W8B1W40QSJH81472
ETag: "45c72a1df08dd204af50215befe14b73"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 36355
x-amz-id-2: 2mzDcNbciRg0jQnuYPbnNjKO7jHnFcdhSofuZHLVWXzUMoT5mLFovz11BZFntZJCHPhSOh0FhWQ=

GET
H/1.1 200
OK aa19e4f07566491274643efcdb66bba87568864bb13ab6b3ebee7635c9bf1c50
friends2follow-us.s3.amazonaws.com/external-images/ Frame 1709 34 KB
34 KB 107ms
106ms Image
image/jpeg 52.216.99.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friends2follow-us.s3.amazonaws.com/external-images/aa19e4f07566491274643efcdb66bba87568864bb13ab6b3ebee7635c9bf1c50
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.99.139 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 844c9535c425c88fab1d4a5315fdf3e32065674e67f45cc2d76d51e80ca14bbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:28 GMT
x-amz-expiration: expiry-date="Sun, 27 Feb 2022 00:00:00 GMT", rule-id="Rule for : external-images/"
Last-Modified: Fri, 29 Oct 2021 19:10:04 GMT
Server: AmazonS3
x-amz-request-id: W8B22DM27G5HFRTG
ETag: "335452ca379419e299d736c62b9e7225"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 34305
x-amz-id-2: +L1eJxnO1cQwkJjYGBQZCDE8Xa7F730G3GMsy8DhPESvQxsiorCbQDMfyGy4I7Q+8wm+rJA1AbU=

GET
H/1.1 200
OK f7276575016c7a1726cba46b93f1c70931f75d0889ee4203df26875deb26e7e6
friends2follow-us.s3.amazonaws.com/external-images/ Frame 1709 48 KB
49 KB 110ms
110ms Image
image/jpeg 52.216.99.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friends2follow-us.s3.amazonaws.com/external-images/f7276575016c7a1726cba46b93f1c70931f75d0889ee4203df26875deb26e7e6
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.99.139 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 939ca0c5c9dc8cad1c5583c1c07552423392eb260f868ebf5a72444b68990263

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yumasun.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:28 GMT
x-amz-expiration: expiry-date="Wed, 02 Mar 2022 00:00:00 GMT", rule-id="Rule for : external-images/"
Last-Modified: Mon, 01 Nov 2021 17:38:08 GMT
Server: AmazonS3
x-amz-request-id: W8B480RR9T609Y8C
ETag: "0b6a95dded99fbbf416df5e5de19b06a"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 49487
x-amz-id-2: VUu5p5kvSb+JFXAZhasmi53IfOg18bh0pR6hWzRgP/gzTAuHIrhkZi+IyYelmFsiE+zGVeq4xXs=

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 3E06 26 B
186 B 105ms
101ms Image
image/gif 100.25.5.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=22Zx-fvNwpFFs8y5&instance=214062640&version=65.21.7&age=211109&ldt=IMA&key=5b3IdoCM&seq=1&order=4&recoveryMethod=SSAI&imaVersion=3.488.0&blocked=false&recovered=false
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.5.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-5-11.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 y1ood9ixic5dcx754estsemlpha7ektc.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame 3E06 20 KB
20 KB 21ms
20ms Image
image/jpeg 13.224.186.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/y1ood9ixic5dcx754estsemlpha7ektc.jpg
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4cf677c3902843afc625ad6b447a14e8f843add534bf1e284695a7a6d6b8107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 07:27:01 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified: Thu, 08 Apr 2021 03:19:29 GMT
server: AmazonS3
age: 5907
etag: "1e2c7feaf476e95a3ced5df7c6429153"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 20035
x-amz-cf-id: lP8MQDhveKE7IeLm7kqQE9jQNYShR6uo9laa0GzOlJ-T4R_Y1F5TNA==

GET
H2 200 orn652os714nr385q68ps4155179015nplaylist.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ Frame 3E06 291 B
841 B 31ms
14ms XHR
application/x-mpegurl 13.224.186.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/orn652os714nr385q68ps4155179015nplaylist.m3u8
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f7524c42177b76a0a1421e6ac5998139717d35dc8bd4485681881c03b81f60a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 20:53:05 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
age: 43943
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 291
last-modified: Thu, 08 Apr 2021 03:19:01 GMT
server: AmazonS3
etag: "50874536b3201f73b3060fc8ac96c8d3"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 5nsSu7osZWn7Zr4tA12Sv2pv6ugxuY6yjbJSSK1IdHJVqxBw1ex8Dw==

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 41B1 624 B
733 B 41ms
17ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQ5su2qgIY97GFuAEwAQ&v=APEucNWJMfHMRh7JGC4HM25pSXPaJb96KnFwbaZKGI6R0I6Cjn6V2AJ3NjUWg0TWj1MiCnhMjH5UGqDUHIGQhgQAbPX5tEJlcS-JB7hBtsU1kbQSPdxBhXbg6f8GIDBKyCZw8eCjo6QIq1vW7Qlsoqjr4Az5puaJVzO9s9MjR17AEFYd2rsMAzg

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 09 Nov 2021 09:05:27 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B4A4 80 KB
30 KB 72ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATY1GJWHkYj7uIlutPplAb8QmkLWTC5v42eK-UTm6QB-cu7xjN37lwflY3axIGVOfm5oNliM-UmrgCgWBfuA6wSyZha81dbadxKWxpXqQa-Mar21tDI88XbJWDElVmCGIxA_dA6BJfQxE10J9q57ZMfkGU7g&dbm_d=AKAmf-CkRCjysfZOz6tMarKt-4K_UA_hUjTDb2A2-YZbHW_S_By5BD-BYaSiIiK6Nhiyzd73ZA4KqHVmntx-_uLLfOVb9M2EIFHnsLReattktt2UlVjWokF5BUOIdibVYWCzk1TTSaULCWqz0lqoFmNH3kvl4AvmxRWDmyRApzYnMunRRYs-rs22VKDy3PPnKV6h9EHrQ4sFUMXtrNtXIklxjeHniuEYCgCNJZWVz1v5_XKwTZ3Bvbc9Ekw4ilL4VoPLEy4n3a5kI5GF-ifwMS6x3iWrxUcmNHwKigUGM--CBkSeoLkfvihMoDA-VhQ394q6_Aj0OwS7ngW2or2YrlRZDciYVPd7VCvigoFRnl2Excgz_61JWSUL_Atzr5q9Sw7Q0sEKGPp4WzWz3hWPRGGcpDwdSbxUiSJyJAhqmlBg9zc_DLlFgn1IUKKKcvFvljv9fEnI0rIeT_wzNUlv8y1BRVfeNqDK_8ktO4gQE5Dg8hWcEYH4sOwB97jb15S5ALFVkzv6Pv522iHWklSXwbKFxWb22ZD9IjmFHf2iOGV9AecXOj6y9mB5gIkohOH3QoiBwURr1CEqFSMpk_lzRZebITwqTMyZZugDH4fv2mJFNQA1ryOV6z-nwcT1uNA7XU9lAsfCog3OO4mRgvmeoEwRiYfjE7IAp4HIho6cpve22aHSw8EMPH0B4EaDCPotSADiVtbYNFiztWTVZfQlkwlAOdOcxKbhrsu2c9E4n6ce7Hhu_f2IpvGGLot-7yQHVSbVULvzsUT9R-NjvyjS1-ynGciOT8TLhzzIdq5RYdS_6sTMlc_u3cOqryqLC0XWA7lTHKp0RF0HaGldYujh2QXnSmfnPW42krwDmWdCtNEurTNfHGuTSViL8lpq5gsFlzVQaH-GMFPIbvO5kLEGKTV0c-WIHxp8MqS94SObEp7nWPZK-67uA0tgUl9a3XuyM81-LZvGyLCVp_nhFqC0g0bYLdDfCrm7Jwc2LeYm89gx5azBunvyxxyHeaQ-wAmT-O-0_-a6t3xWzgcRBbuKbyLTS1OGMWzPrDzLFHh8FVo7Mnr0LY23NdCOu0Jciqo7rJXZmeAf96ql35h1bpRWiG2uTDLBgQOgl2JtzVY5TB9OwKy3-22eKtaj6WFjP_Tya31m9CB4eb6bkrRzJ_Kg5GQzc7o06ULSI-qtKHh5BgXWdI72QcLTYL9yFUZrYSVv1gv09-qm4_KdB5j6z1GNRlYnkgvhHTyVvDxIuzI-ERQZYKGLl8x9cbG4JMw97pCwQ_Sq2cdrxXQ26QSXUPI1jTbF1aGXz6MDlmyD3QtRn5kItHwj_rL-ep3I1N-ZqNQc-hF02Q2RJPTwvVvB0DoK8ISSwW0q-2wpToiKn93nXxtXkfLlPDcNGNKHOhd0Tk0wPgrRBpYau4bF1S1huMddqgBgDN2aN0tEnfamyIUNO5jaW4VHmTKOu2tVt4pbfPrPnEo2JIKUaIy3Ux88GRqNKL0PnIDkDCpNS1bykyAUbqmduzTHI6CLUMEE3Jtq1y21oHowxKHCmjy7wcz_RcQ8VkLZ2PdSftDRk-hkyTfjEnPJT7FeuQRV_uROxTsI3xQZhPuOwDgJAFOZH4PdGaoc6j3psgSAkZe0uCQBWM5S8-Jb7dMIra_CtJ3Ri2_tTIQiNfU4yGueEWaRGnKtY0r4qrwkZVfybIp82ncl6Z-qERhskhKuk2TlCL2jg0TcrTN8Ft5osiYo9cdyoBIgPPhem8jkhbnTveu7h3H2iowRQ8lQX2z_IKWNiY7am7-ZDPZCbp5_dI6kV7lrJhGKyluyvn6H5QHQFcNayd6XFpRYJaMbNBujnIyiwL_Z27P0D___A0HUvsiksBxvij8sOL0-kX5h7qB75H9bt-Obc8ORtkYpYBlp1Bw4Cs8qhnIoEy_XlDkNtu6kgJOoSoW5_3YBZgAXaHne9MO_57RiyIl3JoxlJFkffWer3wQzFI3Wx8TzpsdJQoT2TTDfoJvVjOzICCRQqqt319mtL8-bWzLobJUxGC4S_oudVTaynWd93ipg5cuRr7QpJiPocYF7Jzv0yHSyggYf0z1JvCoGogaqQZ-WYzQNT5lYttibVZ45COHT6xIRtDYTBtbhqT2oXyooMCmvj5Z6zn3644rDuJnxbmshCFAq6oetpyKNB-ULeXovjvFu5yt5YIvJ1CDrJoik7r_u3nsifsc8tJtPx3iJx7_HHNHhHyWumomAiTWkAMSV3SzkgIquT92EeqJYq9qq793erKFZLeXhxeVFh7bKepgb23hjRh6Kbcw-hLNstsUmYcsQP_Bue-SOwbyk7x_CqF6LzrQ-EA3zXqn-Zo3N-ux1MJVJLnxm9rgzCuE_tfx27xU0LKZfjWo1yItAbUQ4HQkrxSyeurinve_jWtOClfEQ4-I91x9vUDtNBKlVJW3JcRB_0P0xju50cMJBIhSOeIl-RiX0l4xGFx_9joQaQYYb7wt-Q0ZWl3ty8zm2-_3NiMNjKNIBnhv9leCHZittakgbH2qOPQOw-gt--CElbS9Y2SDLWA_JSx5ve26OuTrG4EGYFVfXWYdRbuZmwhIfrOEKrPhbp9motEUyp-XBy1uyNB76HZ3R_L6D0dwzS62qD02XcY3PtywSLfH2X91diJeLA_fMe7mr8YiuSngSXy4mbf7vTGfm9EIypfa4Ac20lU_cNVN9JT_YJxm8FQPpzrl9_HBXgkwy-HIKO73am-92bjhq0vC5QtW-GOeqdDXH4Kbkk--h0RK-y9L02e4bx8vyctuTh2tEqUi7a_G-d9NLmKuJAFW9PWQFRtJtQNLQTP0895KRE9CD71evBAusRzHi1_IOboxL_7eg6TYjxsNj7TLc14lTyAbUAJ3W_FxusyvYE7vIwqG4Sjvw1-h1WwErxk9HG4uYKk5fF9E4AlzTwySoV1nSu0goS_Ivl-QYVsr5wgIs9Zmm3Kz61OrBg9HgdLTxXmsw4efow7ck_wsQPqhyw3mTydpcOgWmW5iUrh0Bc02Q12isH_UeFog_MATlrBIHytJneeFPFR7AJsM8LatzoOGs4dTiIhDch0iUDe0AM0G6vEgw1mZoTj4XM0U-dDengXsGTdnnisIdi-JOL9CoK0oAMUizOqmtabaLNLKsVRr3jeiVuJxjjnHeyGbCBCjjaj2lzYNV6J4ytLA9Rb0m7-Gp_5X_hB7TNjwF2gFWX5ENXs6r&cid=CAASEuRo9An8vwz6CwgF_9pptumSww&rfl=2%2Chttps%253A%252F%252Fwww.ivpressonline.com%242%2Chttps%253A%252F%252Fwww.ivpressonline.com%252F%240

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

215982cf60dd294bf859d43f68ec642bf21077ea13bcc2089f9e106cd2d16381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30669
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 304C 0
0 54ms
54ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=721900699798839&rc=
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
BLOB 200
OK 1b142ef6-ec42-437c-9d5a-87658aeb7725
https://www.ivpressonline.com/ Frame 3E06 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ivpressonline.com/1b142ef6-ec42-437c-9d5a-87658aeb7725
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 4896
Content-Type: application/javascript

GET
BLOB 200
OK 1cd0fddd-dba0-4500-83ff-e57ca69470fd
https://www.ivpressonline.com/ Frame 3E06 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ivpressonline.com/1cd0fddd-dba0-4500-83ff-e57ca69470fd
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
BLOB 200
OK 69032bf5-dfd7-468e-8a2c-2d2e5618f9c6
https://www.ivpressonline.com/ Frame 3E06 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ivpressonline.com/69032bf5-dfd7-468e-8a2c-2d2e5618f9c6
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9976 0
0 55ms
55ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=3859272977251331&rc=
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 orn652os714nr385q68ps4155179015n.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ Frame 3E06 377 B
928 B 18ms
18ms XHR
application/x-mpegurl 13.224.186.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/orn652os714nr385q68ps4155179015n.m3u8
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eba39017a763d5d7a859793682beb9144f6ce8a790a8e4f1ff7da5471da3f3f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 20:53:06 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
age: 43942
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 377
last-modified: Thu, 08 Apr 2021 03:19:09 GMT
server: AmazonS3
etag: "5b24df50de1bb5915f8502f5eb3912dd"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: drg-IwbkC6w8qQWmOyMqRqTwrqf8yJhlPtVlIMJkEElncT0_P4TbiQ==

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 363A 27 KB
7 KB 245ms
245ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fimperialvalleypress-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214062640-22Zx-fvNwpFFs8y5%26schain%3Dsendtonews.com%2CvIELRGjeioDxfMyKGHFQlg%26content%3D9956%26placementType%3DPremium%26embed%3D5b3IdoCM%26domain%3Divpressonline.com%26player_size%3Dlarge%26player_width%3D749%26player_height%3D421%26player_type%3Dbarker%26version%3D65.21.7%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00189%26rand%3D14%26devicetype%3Ddesktop%26iris_id%3Diris_6f4e795efc4f7999%26iris_context%3Dic_0702043%2Cic_9301104%2Cic_4962242%2Cic_9954675%2Cic_2592227&url=https%3A%2F%2Fwww.ivpressonline.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.ivpressonline.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1721&hl=en&cmsid=2460952&vconp=2&video_doc_id=1247804&vpa=auto&vpmute=true&kfa=0&tfcd=0&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1198108931&sdk_apis=2%2C8&sid=312BDFBA-2B35-45B9-8F63-AA40FD4B6841&nel=0&eid=44725355%2C44747319%2C44750823&dt=1636448726903&cookie=ID%3D855c6868de9abe31%3AT%3D1636448721%3AS%3DALNI_MbLUAdLJzXhpbH9__Uq67eNW75sGw&correlator=1025832678881911&scor=466092124705558&ged=ve4_td6_tt1_pd6_la6000_er3713.231.4134.980_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a9ded656308bd91a77be9ad1188218dd4dfd4b563404a79316f7f926830c34ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6901
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame F388 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 08:45:28 GMT

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 334F 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 08:45:28 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F3D9 0
0 47ms
47ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=2642831976271669&rc=
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 41B1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJkyjME7lfhd8d6lvm3ur-0&google_cver=1

43 B
1014 B

25ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJkyjME7lfhd8d6lvm3ur-0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQ5su2qgIY97GFuAEwAQ&v=APEucNWJMfHMRh7JGC4HM25pSXPaJb96KnFwbaZKGI6R0I6Cjn6V2AJ3NjUWg0TWj1MiCnhMjH5UGqDUHIGQhgQAbPX5tEJlcS-JB7hBtsU1kbQSPdxBhXbg6f8GIDBKyCZw8eCjo6QIq1vW7Qlsoqjr4Az5puaJVzO9s9MjR17AEFYd2rsMAzg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 09:05:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 09 Nov 2021 09:05:27 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJkyjME7lfhd8d6lvm3ur-0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 41B1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYo51wFwYgY8eNe3T6xw1wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJkyjME7lfhd8d6lvm3ur-0&google_cver=1

43 B
894 B

53ms
53ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJkyjME7lfhd8d6lvm3ur-0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQ5su2qgIY97GFuAEwAQ&v=APEucNWJMfHMRh7JGC4HM25pSXPaJb96KnFwbaZKGI6R0I6Cjn6V2AJ3NjUWg0TWj1MiCnhMjH5UGqDUHIGQhgQAbPX5tEJlcS-JB7hBtsU1kbQSPdxBhXbg6f8GIDBKyCZw8eCjo6QIq1vW7Qlsoqjr4Az5puaJVzO9s9MjR17AEFYd2rsMAzg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 09:05:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 09 Nov 2021 09:05:27 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJkyjME7lfhd8d6lvm3ur-0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 41B1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECJNKobwDnSC3OsJxqc3drI&google_cver=1

43 B
1005 B

41ms
18ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECJNKobwDnSC3OsJxqc3drI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQ5su2qgIY97GFuAEwAQ&v=APEucNWJMfHMRh7JGC4HM25pSXPaJb96KnFwbaZKGI6R0I6Cjn6V2AJ3NjUWg0TWj1MiCnhMjH5UGqDUHIGQhgQAbPX5tEJlcS-JB7hBtsU1kbQSPdxBhXbg6f8GIDBKyCZw8eCjo6QIq1vW7Qlsoqjr4Az5puaJVzO9s9MjR17AEFYd2rsMAzg

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 09:05:27 GMT
X-Proxy-Origin: 136.243.198.80; 136.243.198.80; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0d2cc302-a8a8-498e-b154-b61e439eed78
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECJNKobwDnSC3OsJxqc3drI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 41B1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2MzI5OTc0NjU4MjYwNzE2

170 B
188 B

32ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2MzI5OTc0NjU4MjYwNzE2

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 09:05:27 GMT
X-Proxy-Origin: 136.243.198.80; 136.243.198.80; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3f3f4706-b2d3-4fee-9a95-3e0cacd703cc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2MzI5OTc0NjU4MjYwNzE2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 orn652os714nr385q68ps4155179015n-00001.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ Frame 3E06 491 KB
492 KB 12ms
11ms XHR
video/mp2t 13.224.186.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/orn652os714nr385q68ps4155179015n-00001.ts
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54b2da6553a5856250ebb2a37e247af42e5ba7dd4c7c9a11aac6fe0eeed97d55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 20:53:06 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
age: 43942
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-disposition: attachment
content-length: 502900
last-modified: Thu, 08 Apr 2021 03:19:08 GMT
server: AmazonS3
etag: "f7df5dd38386c6895913ead0c20b5c30"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 8VeIkAUPeKh1MkEsDUZMvM0CKHaCbrb4OYPwEGlSJnZInn8QhaTxtw==

GET
H2 200 express_html_obb_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame B4A4 119 KB
42 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a57cecd2bf4d6d3b8498c67487333f6dc9e102371f5e48ffc7fcf18a6e8487e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
Origin: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 19:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42555
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 19:51:22 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame B4A4 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATY1GJWHkYj7uIlutPplAb8QmkLWTC5v42eK-UTm6QB-cu7xjN37lwflY3axIGVOfm5oNliM-UmrgCgWBfuA6wSyZha81dbadxKWxpXqQa-Mar21tDI88XbJWDElVmCGIxA_dA6BJfQxE10J9q57ZMfkGU7g&dbm_d=AKAmf-CkRCjysfZOz6tMarKt-4K_UA_hUjTDb2A2-YZbHW_S_By5BD-BYaSiIiK6Nhiyzd73ZA4KqHVmntx-_uLLfOVb9M2EIFHnsLReattktt2UlVjWokF5BUOIdibVYWCzk1TTSaULCWqz0lqoFmNH3kvl4AvmxRWDmyRApzYnMunRRYs-rs22VKDy3PPnKV6h9EHrQ4sFUMXtrNtXIklxjeHniuEYCgCNJZWVz1v5_XKwTZ3Bvbc9Ekw4ilL4VoPLEy4n3a5kI5GF-ifwMS6x3iWrxUcmNHwKigUGM--CBkSeoLkfvihMoDA-VhQ394q6_Aj0OwS7ngW2or2YrlRZDciYVPd7VCvigoFRnl2Excgz_61JWSUL_Atzr5q9Sw7Q0sEKGPp4WzWz3hWPRGGcpDwdSbxUiSJyJAhqmlBg9zc_DLlFgn1IUKKKcvFvljv9fEnI0rIeT_wzNUlv8y1BRVfeNqDK_8ktO4gQE5Dg8hWcEYH4sOwB97jb15S5ALFVkzv6Pv522iHWklSXwbKFxWb22ZD9IjmFHf2iOGV9AecXOj6y9mB5gIkohOH3QoiBwURr1CEqFSMpk_lzRZebITwqTMyZZugDH4fv2mJFNQA1ryOV6z-nwcT1uNA7XU9lAsfCog3OO4mRgvmeoEwRiYfjE7IAp4HIho6cpve22aHSw8EMPH0B4EaDCPotSADiVtbYNFiztWTVZfQlkwlAOdOcxKbhrsu2c9E4n6ce7Hhu_f2IpvGGLot-7yQHVSbVULvzsUT9R-NjvyjS1-ynGciOT8TLhzzIdq5RYdS_6sTMlc_u3cOqryqLC0XWA7lTHKp0RF0HaGldYujh2QXnSmfnPW42krwDmWdCtNEurTNfHGuTSViL8lpq5gsFlzVQaH-GMFPIbvO5kLEGKTV0c-WIHxp8MqS94SObEp7nWPZK-67uA0tgUl9a3XuyM81-LZvGyLCVp_nhFqC0g0bYLdDfCrm7Jwc2LeYm89gx5azBunvyxxyHeaQ-wAmT-O-0_-a6t3xWzgcRBbuKbyLTS1OGMWzPrDzLFHh8FVo7Mnr0LY23NdCOu0Jciqo7rJXZmeAf96ql35h1bpRWiG2uTDLBgQOgl2JtzVY5TB9OwKy3-22eKtaj6WFjP_Tya31m9CB4eb6bkrRzJ_Kg5GQzc7o06ULSI-qtKHh5BgXWdI72QcLTYL9yFUZrYSVv1gv09-qm4_KdB5j6z1GNRlYnkgvhHTyVvDxIuzI-ERQZYKGLl8x9cbG4JMw97pCwQ_Sq2cdrxXQ26QSXUPI1jTbF1aGXz6MDlmyD3QtRn5kItHwj_rL-ep3I1N-ZqNQc-hF02Q2RJPTwvVvB0DoK8ISSwW0q-2wpToiKn93nXxtXkfLlPDcNGNKHOhd0Tk0wPgrRBpYau4bF1S1huMddqgBgDN2aN0tEnfamyIUNO5jaW4VHmTKOu2tVt4pbfPrPnEo2JIKUaIy3Ux88GRqNKL0PnIDkDCpNS1bykyAUbqmduzTHI6CLUMEE3Jtq1y21oHowxKHCmjy7wcz_RcQ8VkLZ2PdSftDRk-hkyTfjEnPJT7FeuQRV_uROxTsI3xQZhPuOwDgJAFOZH4PdGaoc6j3psgSAkZe0uCQBWM5S8-Jb7dMIra_CtJ3Ri2_tTIQiNfU4yGueEWaRGnKtY0r4qrwkZVfybIp82ncl6Z-qERhskhKuk2TlCL2jg0TcrTN8Ft5osiYo9cdyoBIgPPhem8jkhbnTveu7h3H2iowRQ8lQX2z_IKWNiY7am7-ZDPZCbp5_dI6kV7lrJhGKyluyvn6H5QHQFcNayd6XFpRYJaMbNBujnIyiwL_Z27P0D___A0HUvsiksBxvij8sOL0-kX5h7qB75H9bt-Obc8ORtkYpYBlp1Bw4Cs8qhnIoEy_XlDkNtu6kgJOoSoW5_3YBZgAXaHne9MO_57RiyIl3JoxlJFkffWer3wQzFI3Wx8TzpsdJQoT2TTDfoJvVjOzICCRQqqt319mtL8-bWzLobJUxGC4S_oudVTaynWd93ipg5cuRr7QpJiPocYF7Jzv0yHSyggYf0z1JvCoGogaqQZ-WYzQNT5lYttibVZ45COHT6xIRtDYTBtbhqT2oXyooMCmvj5Z6zn3644rDuJnxbmshCFAq6oetpyKNB-ULeXovjvFu5yt5YIvJ1CDrJoik7r_u3nsifsc8tJtPx3iJx7_HHNHhHyWumomAiTWkAMSV3SzkgIquT92EeqJYq9qq793erKFZLeXhxeVFh7bKepgb23hjRh6Kbcw-hLNstsUmYcsQP_Bue-SOwbyk7x_CqF6LzrQ-EA3zXqn-Zo3N-ux1MJVJLnxm9rgzCuE_tfx27xU0LKZfjWo1yItAbUQ4HQkrxSyeurinve_jWtOClfEQ4-I91x9vUDtNBKlVJW3JcRB_0P0xju50cMJBIhSOeIl-RiX0l4xGFx_9joQaQYYb7wt-Q0ZWl3ty8zm2-_3NiMNjKNIBnhv9leCHZittakgbH2qOPQOw-gt--CElbS9Y2SDLWA_JSx5ve26OuTrG4EGYFVfXWYdRbuZmwhIfrOEKrPhbp9motEUyp-XBy1uyNB76HZ3R_L6D0dwzS62qD02XcY3PtywSLfH2X91diJeLA_fMe7mr8YiuSngSXy4mbf7vTGfm9EIypfa4Ac20lU_cNVN9JT_YJxm8FQPpzrl9_HBXgkwy-HIKO73am-92bjhq0vC5QtW-GOeqdDXH4Kbkk--h0RK-y9L02e4bx8vyctuTh2tEqUi7a_G-d9NLmKuJAFW9PWQFRtJtQNLQTP0895KRE9CD71evBAusRzHi1_IOboxL_7eg6TYjxsNj7TLc14lTyAbUAJ3W_FxusyvYE7vIwqG4Sjvw1-h1WwErxk9HG4uYKk5fF9E4AlzTwySoV1nSu0goS_Ivl-QYVsr5wgIs9Zmm3Kz61OrBg9HgdLTxXmsw4efow7ck_wsQPqhyw3mTydpcOgWmW5iUrh0Bc02Q12isH_UeFog_MATlrBIHytJneeFPFR7AJsM8LatzoOGs4dTiIhDch0iUDe0AM0G6vEgw1mZoTj4XM0U-dDengXsGTdnnisIdi-JOL9CoK0oAMUizOqmtabaLNLKsVRr3jeiVuJxjjnHeyGbCBCjjaj2lzYNV6J4ytLA9Rb0m7-Gp_5X_hB7TNjwF2gFWX5ENXs6r&cid=CAASEuRo9An8vwz6CwgF_9pptumSww&rfl=2%2Chttps%253A%252F%252Fwww.ivpressonline.com%242%2Chttps%253A%252F%252Fwww.ivpressonline.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 09:04:35 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame B4A4 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:58:52 GMT

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CDE 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 08:45:28 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B4A4 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 69F3 1 KB
845 B 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 08 Nov 2021 18:26:41 GMT
expires: Tue, 09 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 52726
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B4A4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51bc56c5805e857f22524324bca4efa38ed252117a4e54ca0a01f371ca3d6e10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 5 KB
2 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26db5f30ed8fc573894662c75c70966bd6a2f6996aabbeeff145c60d7d545cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1517
date: Fri, 05 Nov 2021 06:13:21 GMT
expires: Sat, 05 Nov 2022 06:13:21 GMT
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 355926
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B4A4 0
255 B 49ms
48ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuoNbiSi57YTztPraT-zY5pfxuaMP-Ejo6LQ7rUzjVYTjeb_m5DYrY1nxT2JdAiMWepyY0wZwzubQ4DjL__XjPEZJPgDtr38AQXL1XmxKALyMt-hWFHLCHH0QYus36TUNpVPT8NlMWMvtdhcBn4EmhQt21Cpq2NRa7KBN6-p_VlF5j2vJ2hLWVvb2LaNtAGuhWcw_wLb8TgOb0c6E6tLLUC3i1STkpBENV64wxAznl2ZDtFoMAYBOrE-OUUiaJttqwVCQBsJnm0IDSHqezfsz0vZEYK7BEOjgp8u88UFaPxkt5vWiafooJfW_sUHFMBw3dTRI29ExMf05IdNbHMryjfiF_dY21h8Ua_MvoqB9Sx-vKjN8IHBaWwRYEp7BlFwOUQjUeUUbE1ZzYfQEay5B3lcBPVFyCVDrn2c03xPjKjRMofnMCUbOAL40pZ3taMg8uc95JCLHygBI2cJ0z967oSwPsdrb19kgU5P8DyqEPonbXa6dAVJFPS1TENDZaHIOO0or1ft3Orfka9TJioYp39V6Q3vjX70MxkUmcvOTSQTLTa6CeNAFe0pVt1fuOP9PdO8g5HOzeU5-FQ3Y-SVH-JoxX85POCZlFjQDbJ3SoFTx4m1RWlxTgygwpnGClOSuTkviaV8CjBON3ee8kk77wf6z8Lf51_2z9IWNjsk1a8Sx21dT9dLiRAwakyTNrprVJ540fwcyzWs0OSlBeIdZmhN6WGzmUw-nHRdO5TtP7j56A70X0xaxT3jflODnyM48sX1N9-snic6H1wL7LrOlGVqhS1sdti9YQfsxdEUia_r6CXBEglablQ-L8pLGxfsdfDOuwQt6ddlf1JOvE8FsFcCDGmnKwRyG9ZPiK-81RUzRS1y9x7G1svE4LTKH7C5F-4itm3DEeSFRbMMUBy1a6-tPxHek3POZPnqV1RVUfPd5BbXyMbsBiKFA8eECFuAcIV0ObfyBCKiKxhI0xLCxhwQwd8Y3kg0u7MdMKApLou4W1P_b3oouO_DScqb9bV-UKga0Piu2_zofqbPcrsPogXiv4dww3B-zKxnVkPC9Rrq_rdTTex3jFmvNpLO7lGRDnulsQAkiErDmUd7CNZyDp4ijRH1B9m3U9FiK-PH0jKpJaDVh0iWCT_gsgXpFIhZ7P6pUYW-cpTJ2UoLB4pHZOVeSiJstkoBVFQwLnCbwHZhLhlQRLowPYIiBQrQJ3nmzigjYv8Yl-sQsQCKw06peTIuOnGXYImHgQHBd1LrOPnKqUR1NQ1eQNE3wZodt07syH8HW9Pja8iF6TQruFizbszsfow2TgOOdCfSpaN94GyGxnl_qOJiIzDfo1TSvSGB0c8zMHup2ViQAY-aJbiQOuOq7mYcUFa481ey_LKvlGgeNjLOTnsUyufFkhOh2d811BlZVev4ln30cEySWg&sai=AMfl-YSr4lCWYKpCzGWdsi9sGxDBAPqhZCGVYNhSWaoSiZZQFHnJQquXxqa4o3Kjie0p87-9-Sb9EpfCZHQkbVGtzhoI1tSj3pGbDCeLGM8TPDTPAwQYbUR5swLA5v4Jfq1P-_Xpd8vchvRXzZH0ayUsfqO5GnTVYqP5h7pofDlBCsudERNLqr0&sig=Cg0ArKJSzMxd_G5cLLQZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=148&cbvp=1&cstd=145&cisv=r20211103.04232&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 09 Nov 2021 09:05:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9AFA 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 520077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 styles.css
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 3 KB
927 B 7ms
6ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452b3ada7841bf0ac5eeed2f45a2edc37cd33d2e7cc57ccb305ce913e1cbf354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 17:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 573732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 824
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 17:43:15 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/2.0.2/ Frame 3288 113 KB
34 KB 17ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/2.0.2/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

009bf00d3831fb62595adb20e170ed288d8a157493fb6028b1888b05875ed8f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1219402
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33806
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c56a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94RQMZB2kd0xVtMInJS%2BplGUJTalvn5%2BzAswrQNG63XrOYuV%2FpRsxYaJBTJFDJbb15VgiLJpzlRrhRm9xtH06rxKMqiyA13jb90M0Qc4FVuPR5hUiQoaAe3Md5IXDVfFqkjIOvp%2BKe%2FJ8GNKf%2B7enEy0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab5e1235c0842c9-FRA
expires: Sun, 30 Oct 2022 09:05:27 GMT

GET
H2 200 main.js Show response
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 10 KB
3 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

047618e600d04061273b2949130cdb35481b8caa8cd37653557805c452bfb35a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 02:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2540
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Nov 2022 02:27:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 69F3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELgHLtXmvaU7QOV43vd9rdA&google_cver=1&google_push=AYg5qPLKgdqhSyf8isSCkDGIWigIw5P9I9W3KpiNE2bmgbz89P6w9AfcB9a1VbQ6mIKcRSsJEmda_yLZhRUSO9fG...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLKgdqhSyf8isSCkDGIWigIw5P9I9W3KpiNE2bmgbz89P6w9AfcB9a1VbQ6mIKcRSsJEmda_yLZhRUSO9fGFNRp4lJPctFk

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLKgdqhSyf8isSCkDGIWigIw5P9I9W3KpiNE2bmgbz89P6w9AfcB9a1VbQ6mIKcRSsJEmda_yLZhRUSO9fGFNRp4lJPctFk

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 Nov 2021 09:05:27 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x2 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLKgdqhSyf8isSCkDGIWigIw5P9I9W3KpiNE2bmgbz89P6w9AfcB9a1VbQ6mIKcRSsJEmda_yLZhRUSO9fGFNRp4lJPctFk
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 Nov 2021 09:05:26 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 69F3
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIcz7O4AvaOtN_JVN3WDu0o&google_cver=1&google_push=AYg5qPLSraLZ-iWup78xjvlfyqplZkAEUn_0KNUxKUKFF1vOpKRwaSouX8zAUnTbfBXIQ_hdGy0e54Wo-LrDWqeFg1BjU7KQ88LE&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIcz7O4AvaOtN_JVN3WDu0o&google_cver=1&google_push=AYg5qPLSraLZ-iWup78xjvlfyqplZkAEUn_0KNUxKUKFF1vOpKRwaSouX8zAUnTbfBXIQ_hdGy0e54Wo-LrDWqeFg1BjU7KQ88L...

43 B
438 B

176ms
168ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIcz7O4AvaOtN_JVN3WDu0o&google_cver=1&google_push=AYg5qPLSraLZ-iWup78xjvlfyqplZkAEUn_0KNUxKUKFF1vOpKRwaSouX8zAUnTbfBXIQ_hdGy0e54Wo-LrDWqeFg1BjU7KQ88LE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLSraLZ-iWup78xjvlfyqplZkAEUn_0KNUxKUKFF1vOpKRwaSouX8zAUnTbfBXIQ_hdGy0e54Wo-LrDWqeFg1BjU7KQ88LE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ab5e1253b994a9e-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:27 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 214
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ab5e123d9324a9e-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIcz7O4AvaOtN_JVN3WDu0o&google_cver=1&google_push=AYg5qPLSraLZ-iWup78xjvlfyqplZkAEUn_0KNUxKUKFF1vOpKRwaSouX8zAUnTbfBXIQ_hdGy0e54Wo-LrDWqeFg1BjU7KQ88LE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLSraLZ-iWup78xjvlfyqplZkAEUn_0KNUxKUKFF1vOpKRwaSouX8zAUnTbfBXIQ_hdGy0e54Wo-LrDWqeFg1BjU7KQ88LE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 69F3 70 B
264 B 41ms
39ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOCzMnnfpGG61nvpqkFvae4&google_cver=1&google_push=AYg5qPLgUe7aknLHPDoF7NAXwzBjYaP7LOIro7w3GovLI_ctCpkseZwqz8YaY-ml-FFQWMk9z-cyNjOVodyXmFVi4eJqGTAqPWBVXw
Requested by: Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 69F3 0
191 B 93ms
30ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEOdPItuWqGtUqwCb2NbMr4U&google_cver=1&google_push=AYg5qPJvLE7mf5EPeg2qiKeSJb6Z12XgVDUp2VsMhaD1FKN-SSZiJ7bzWNqZiPC4lltl67rP-wZp_I6Gw7x-JR3TvxMZyHm6Gb__Tw
Requested by: Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:27 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 69F3
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDzwUKLmYtXs5dsETvj4VIw&google_cver=1&google_push=AYg5qPLCUKoGcv2FMevjNO6hwBz28-yE0BT48Vsq8f3UcKFbohHAqVXhUfMGP1iYJE7yQtMG4AvLt_QLcHqy04G0fasg...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDzwUKLmYtXs5dsETvj4VIw&google_cver=1&google_push=AYg5qPLCUKoGcv2FMevjNO6hwBz28-yE0BT48Vsq8f3UcKFbohHAqVXhUfMGP1iYJE7yQtMG4AvLt_QLcHqy04...
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=4b9f7a20-1c50-4d8e-b9cb-5265dcaf1bd9
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=4b9f7a20-1c50-4d8e-b9cb-5265dcaf1bd9
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d04508fe-3e9d-4356-9428-199f2bf3a8e9&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLCUKoGcv2FMevjNO6hwBz28-yE0BT48Vsq8f3UcKFbohHAqVXhUfMGP1iYJE7yQtMG4AvLt_QLcHqy04G0fasgAhLnHC7KSw&google_hm=S596IBxQTY65y1Jl3K8b2Q==

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLCUKoGcv2FMevjNO6hwBz28-yE0BT48Vsq8f3UcKFbohHAqVXhUfMGP1iYJE7yQtMG4AvLt_QLcHqy04G0fasgAhLnHC7KSw&google_hm=S596IBxQTY65y1Jl3K8b2Q==

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLCUKoGcv2FMevjNO6hwBz28-yE0BT48Vsq8f3UcKFbohHAqVXhUfMGP1iYJE7yQtMG4AvLt_QLcHqy04G0fasgAhLnHC7KSw&google_hm=S596IBxQTY65y1Jl3K8b2Q==
Date: Tue, 09 Nov 2021 09:05:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 69F3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEGa1SqOZF35ScvXdKR-hsA&google_cver=1&google_push=AYg5qPJr4S1U6MIC5DsrixMA9swdJCjvcDfJ49jPJOQ9GLu557kkVn7tIVqhqUuE90rKHXkzUQP-YX_CznN2sZJ8Alg3quWhoY...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJr4S1U6MIC5DsrixMA9swdJCjvcDfJ49jPJOQ9GLu557kkVn7tIVqhqUuE90rKHXkzUQP-YX_CznN2sZJ8Alg3quWhoYOkZA&go...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA5NDQyODI4NjEyNTA2MjkzNTY%3D&google_push=AYg5qPJr4S1U6MIC5DsrixMA9swdJCjvcDfJ49jPJOQ9GLu557kkVn7tIVqhqU...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA5NDQyODI4NjEyNTA2MjkzNTY%3D&google_push=AYg5qPJr4S1U6MIC5DsrixMA9swdJCjvcDfJ49jPJOQ9GLu557kkVn7tIVqhqUuE90rKHXkzUQP-YX_CznN2sZJ8Alg3quWhoYOkZA

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA5NDQyODI4NjEyNTA2MjkzNTY%3D&google_push=AYg5qPJr4S1U6MIC5DsrixMA9swdJCjvcDfJ49jPJOQ9GLu557kkVn7tIVqhqUuE90rKHXkzUQP-YX_CznN2sZJ8Alg3quWhoYOkZA
date: Tue, 09 Nov 2021 09:05:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 69F3 43 B
175 B 15ms
14ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEKzrt8-vAth7FoHMhx16Yrk&google_cver=1&google_push=AYg5qPJtGlGDOArDEuxvedT4jEDP-Czzijzzss3VxnW-cqUbTLGBctjvQBLJEeB6GMlPxAoeBGjIx0YHKwyX7mEKVtwL4tkLkSBQEGg

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 09:05:27 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 69F3 0
12 B 16ms
16ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQv1jYVldemCHQY5eWur5MR67tf3cEp1zpxEb2xmKEoO6z-XXpSaoRDe5tSEdq6l7stil6-w

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 363A 28 KB
15 KB 101ms
43ms XHR
text/xml 64.233.184.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CApldffPb1qXLknWWkI8AZd8GyxgHdFSjazRXGdqDjam_-4jGKcFbJxU_4dZRvAjKZ0Od6tsbGMZwzDuP-K36PnML4wA&dbm_d=AKAmf-B8NXe2EA0CAApxTvY2D29-fU7fPXj6_DL0j2tSJjT6-JsD9DqHByYK1Ku5s1vuUd3UJeqG1hBXgl_bXVEhN07XvtXSdx-f3kifoaS_57EGWx0uSwPLZBX4sd8vG7jIRD4Z34WJcejK9F1XJMTSn2UJaKRlLhXbubcoM2SjUyNgfDOVYaKJGhIUWrVyj74XyyegAAD2y6xWXofwEa6fqYAlup4JqIgh3Ms43nSrbgXCcRXrIl1waEtkrMYbw-paMGXA8ACvzPQaAgOxTvKQvwyHNS-teSellEZevK7QZDPFoxN6V4a775w7j49hZVTzIre8J_FpTZWW3PiUh92f1lXYrlitBTDUV6aov_1Y-M3_xPNZBaUIZlm9dy5FV80ACwCL0qboZ9GYkKYPHhabQpr4JGH3BGu-OZVrHFVlDapo3kGaDAmwHK54aBDKxFDsdUvdy2uMuWCv7ACL5DjFhiStfpl_O-_bkOj1ZKj6hxD7i_4_AEGrbmk9A6hIuiYsNfQxnu8bQzoj1mBzdMD5M3SMvFrjXPgL6yVV1B2XsiYuSEvhZyJC-jsKwP4kQo6WfNNytgm4xYizX5o0hwJAQh4cZZm0StfYAj5LMIU9538MBbWz3SZ_L_rwgxSacEhzb6anPTAXw7ABlcD3qDqY74qLyF-yX-kpNx4Fz7oilDSVJ9sPmjU8x8w9SSQPvhzTXQxMAvUwv92nw3BfM9Cb7ISgGtRGWFZW4lg-ZyNvNvpgSsrYI_uiSvLw1qIlh4dnvEBabAA3npBk8PmP0berYVs0sCQ2a8vN_E3yIfYe7Xme_-9iJ-p8BQF5fwRXW_GBsGWJ2ON0lv5t7PCmHb_bFLBwxRJpbucC2WWX9L2FmOi-HjpEwoBdCBxgrcML1P_7XJ-HcMyGkMoPL0E-wLhW6lbhSoKb1MzsZgvHEAK5vEFwKQfVHR0CuyH_5xdXuq72xCNIX28uyeAoMyHiNMsqXFM3huzE025Wn9ae1MmlQcM2keiEMfjIY6K9Nz_3DOahzpyZmHU6CavnrkFQ4Oc93CFJUEjoj5JItM_5oOTtlxmj8LgB0fnLCiSIMhsmvHQiOI-eTg5zwrRc-iqqPopIQGhJyloM7MWYEZwZq-veHS2aX_MAJLM8CgoD4i5D7JU4HIkXYlP6TorP1pLJTdydFtmzwYvv2aZtwMP3Lx41V9hddW4KwOwevRnXO1zSaqSFpnO1sh5b5DEsBlFD6zJCAqLSjQ-D-8QszI9w9Hi8wmpPK9_YjVA5MiRXFkwqfB-uXWVH07j0BDt4NAKKBdaSs3EeYzFOM8iiGuh1KrUxiIWl05P4k9iwpaa2x9PfCmvS0xae52xY1N95HkEMI4XtUtijdO7mrJcqq_Wt1P6KNN12DkLRZ3l7QSpUBYA69RigSe47FNupFTaY4i7-j3BGfy4xmoSMDks9tkYbZOJAwjCKMHnisGHgdfKlH9nbw4nPrgWvTW6Bjo3K0ggnQdNW_KvhhVFjG0xOhwkJBsLvE3XF0cVAp2KVSPm-5RV59NkA927J4SxiZ7M9e-sFiSrUB8s4uky1pMy_CtRnGAcsx6OUCIk0q62zizG-T61ebXBoY6hZRw-SeP9Xvlvyn9W0AjaUY6v7MJyovkpTJMoC0HyuqEL2OJ9wQvXLs7HDCM0fUyK3XoUpSZ_Yy-goYfl8fIbMYHXvcLwp1IzhHkS2dLK4XC5h2_kqOvC1YQf1cM-VJOR2k8ApZP1lKK8QqsS4mG15WLEO2FlxK08V6urZrP6GSY6TAG1j0kFK8aOPx9amwhaT_7lAMXu0FCzWpAaKLQHXeDm5R3dMPenZgwdmuyE4wegOjNN1JQqzTNpsdzPrms3L0rqjUYc1ARNCXV2GycYgKICkd6l9mqZs_YBXEWBdZY6kYgQxPiYDsvuUJ55l7yFjfu5anskawz9gkSye93wthLuQ7devNhdjsHaFWLGjxn2SV_mSaOrgkDxfmZFjcW1fLDau2zDmmGRBYhaszDEBFSowOV9aQG6d4eQg_Kf4YmcgPD2xYbkKv-wrf6kIsdBOXZCXjbvZLgqpGJfHaqdz8fEOzicB6YqIp65M8uaAyjaUsbR0OhlEMUmbOAjFwj5e2IGJIYoM2zfXNJfVc_ECLwbfNkbFCjEAz83nToAP6SGrq7fIIYWm0pQ1M0MfW0ybp7mZHyNAV7RaXSm6cl6fnlShizFwiqEucD_nOGud8KGo7QtAJG3KwyDroxpoLW3G0d7iqnrWhA5gEaAEmDr2B5NgDXsBKCeXvKor00FOfMJoCxzgu0mfpOBznLlTn3xyLwQsxpNstcEYb5TdKm_HgXVft7m1E-zpxLgEsCgHm-q-xtNZUIMkBEuK9gZUlfUJu1cofxAU5W8EpS9t5ntNEqjsaD2f1LwyhJN6qipGTbx5BmmQflvVhmA4dfyz6WO-GujdAbSawyxkAT0mYID5L5nOlzlRRX4QDk7rm88XQ3QNLR-xmGI9CKYFLhlI1_B2OpsANGcevuVbozlAH8yUpj2FH1TrN7Yu5dcY-nVlQe36_25cQctmcT5-Qzy2aF4whz1SKf0O6R-xLFKD8Pf7KvrBDkvCUV3SdXgpVzyJfH9mUDqxf8xtEblx-u6xp75cujxFbQNgNeZscEaHpJ7bqJuW6PZ7OiSIU1TMI9mpBY-pbW644waP4TkHgHgsBbpsDDoFW408yxnEbW4wp4lrj5WSFuUmQ5mZgAIyExb_43B7rUdK975NjFolv4KT9WGx0FO2e8EPGECnXWxq4e1rJ5Qil1y86WKGKgIEZQ8BIVlXFVPeYl1A19YhRUI2Z8QSo6CkmbwvcAjp_5_mwlXDwdiPhk0b05GRPEZbSQglVIooSIgdcrPLwK-1swNM2iNJWRwO0Vs0BRw4vfGaO20YRmw7-8ZWm7SGlzFvVgnAGRCW7DjAmdBxBrTCi2KixpXPam6mCgjmQmGnZRKcGtts6tntbI6NqxLvX8ilSOTcKElzw4tinJbVGHQJ_rDEJSac2d71LRetrvSGXRB3R19e7BgVrGYWEuGtUobhOPqGGyC0r1CPSVyvCyZrJLnwbB1PvM4_RmWijfdHkHxRhqRir3NPKnmaiPELT8dv05DJcLSJfWE&cid=CAASEuRo4cMEVlAr1a2-1yU9hf8lOQ&vpa=auto&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1198108931&sdk_apis=2%2C8&sid=312BDFBA-2B35-45B9-8F63-AA40FD4B6841&nel=0&eid=44725355%2C44747319%2C44750823&url=https%3A%2F%2Fwww.ivpressonline.com%2F&dt=1636448727246&ged=ve4_td6_tt1_pd6_la6000_er3713.231.4134.980_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f154.1e100.net

Software

cafe /

Resource Hash

fbce4577dcc6c226fac150424019abb9177d3f5c5ba44a14ca371f53132acfcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14540
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 background.jpg
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 29 KB
30 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/background.jpg

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcec0581d2857d9dc85fe4d13140700561aa9afa754650f2c4d934313694646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 17:43:16 GMT
x-content-type-options: nosniff
age: 573731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30147
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 17:43:16 GMT

GET
H2 200 laser01.png
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/laser01.png

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c11e882a2065580fb33017bf72ed807057cb89ea3887c16fcc12108df0006c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 12:06:22 GMT
x-content-type-options: nosniff
age: 421145
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2045
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 12:06:22 GMT

GET
H2 200 laser02.png
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 2 KB
2 KB 12ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/laser02.png

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7f3bda6a530672b8af4bf3f4900a7bfc251ed938ad142be955d8800c96148d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:44:45 GMT
x-content-type-options: nosniff
age: 364842
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1657
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Nov 2022 03:44:45 GMT

GET
H2 200 h1.png
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 1 KB
1 KB 13ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/h1.png

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

890063f6bb70a1ab4d3c254afac38594b10fd574b73b1d05fbf56f4986d4cbe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 17:43:16 GMT
x-content-type-options: nosniff
age: 573731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 17:43:16 GMT

GET
H2 200 h2.png
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 1 KB
1 KB 12ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/h2.png

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73bda56957a43e625f343e32c6eb11597232c2f315e3996f295ffde602a92d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 13:07:25 GMT
x-content-type-options: nosniff
age: 417482
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1319
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 13:07:25 GMT

GET
H2 200 h3.png
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 1 KB
1 KB 13ms
11ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/h3.png

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f17fad97258db1151ee8f116af97d28afb8ce82bf68319371bb163b9a0805419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 02:27:44 GMT
x-content-type-options: nosniff
age: 369463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1157
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Nov 2022 02:27:44 GMT

GET
H2 200 h4.png
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 2 KB
2 KB 13ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/h4.png

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2adfe9dc40a9014c9c08d685cef24569f2b21740242a8a411f0e299b36a6d7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 01:22:25 GMT
x-content-type-options: nosniff
age: 459782
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1681
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 01:22:25 GMT

GET
H2 200 motiv01.png
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 17 KB
17 KB 13ms
11ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/motiv01.png

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1ae767091c1aff1362e6ed8c39903df136a7286041b87b6d960d527640eec58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 00:15:45 GMT
x-content-type-options: nosniff
age: 377382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17553
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Nov 2022 00:15:45 GMT

GET
H2 200 motiv02.png
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 10 KB
10 KB 14ms
12ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/motiv02.png

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a16cd44bcf5702060fc3b977d6a94a30f73af759d6a542878571f3eeb6c4e828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:34:52 GMT
x-content-type-options: nosniff
age: 444635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10314
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 05:34:52 GMT

GET
H2 200 stoerer02.png
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 717 B
807 B 15ms
13ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/stoerer02.png

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

963b5764b123f405f1d78d80c1f9142f941fee022becb1588be2a70b20324329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 02:44:07 GMT
x-content-type-options: nosniff
age: 454880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 717
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 02:44:07 GMT

GET
H2 200 stoerer01.png
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 717 B
782 B 15ms
13ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/stoerer01.png

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3eab2985e8e3a8e62d553fdbf3f0537d3133afbc1d635f2330e37e5ae2bfa34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 17:43:16 GMT
x-content-type-options: nosniff
age: 573731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 717
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 17:43:16 GMT

GET
H2 200 siegel.png
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/siegel.png

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b23fd27b8f625985e5d80752d9960a82179eab59fa5a763e1ede26412295e052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 23:01:42 GMT
x-content-type-options: nosniff
age: 36225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Nov 2022 23:01:42 GMT

GET
H2 200 logo.png
s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/ Frame 3288 3 KB
3 KB 15ms
14ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/logo.png

Requested by

Host: c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
URL: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7aade7eedd849f0706724b0a7b2ce6893d982c04fc7346b3358a8888ce537075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17215284736271800429/funk_202110_alles-per-app_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 17:43:16 GMT
x-content-type-options: nosniff
age: 573731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2912
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 14:19:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 17:43:16 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B4A4 0
23 B 44ms
43ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuoNbiSi57YTztPraT-zY5pfxuaMP-Ejo6LQ7rUzjVYTjeb_m5DYrY1nxT2JdAiMWepyY0wZwzubQ4DjL__XjPEZJPgDtr38AQXL1XmxKALyMt-hWFHLCHH0QYus36TUNpVPT8NlMWMvtdhcBn4EmhQt21Cpq2NRa7KBN6-p_VlF5j2vJ2hLWVvb2LaNtAGuhWcw_wLb8TgOb0c6E6tLLUC3i1STkpBENV64wxAznl2ZDtFoMAYBOrE-OUUiaJttqwVCQBsJnm0IDSHqezfsz0vZEYK7BEOjgp8u88UFaPxkt5vWiafooJfW_sUHFMBw3dTRI29ExMf05IdNbHMryjfiF_dY21h8Ua_MvoqB9Sx-vKjN8IHBaWwRYEp7BlFwOUQjUeUUbE1ZzYfQEay5B3lcBPVFyCVDrn2c03xPjKjRMofnMCUbOAL40pZ3taMg8uc95JCLHygBI2cJ0z967oSwPsdrb19kgU5P8DyqEPonbXa6dAVJFPS1TENDZaHIOO0or1ft3Orfka9TJioYp39V6Q3vjX70MxkUmcvOTSQTLTa6CeNAFe0pVt1fuOP9PdO8g5HOzeU5-FQ3Y-SVH-JoxX85POCZlFjQDbJ3SoFTx4m1RWlxTgygwpnGClOSuTkviaV8CjBON3ee8kk77wf6z8Lf51_2z9IWNjsk1a8Sx21dT9dLiRAwakyTNrprVJ540fwcyzWs0OSlBeIdZmhN6WGzmUw-nHRdO5TtP7j56A70X0xaxT3jflODnyM48sX1N9-snic6H1wL7LrOlGVqhS1sdti9YQfsxdEUia_r6CXBEglablQ-L8pLGxfsdfDOuwQt6ddlf1JOvE8FsFcCDGmnKwRyG9ZPiK-81RUzRS1y9x7G1svE4LTKH7C5F-4itm3DEeSFRbMMUBy1a6-tPxHek3POZPnqV1RVUfPd5BbXyMbsBiKFA8eECFuAcIV0ObfyBCKiKxhI0xLCxhwQwd8Y3kg0u7MdMKApLou4W1P_b3oouO_DScqb9bV-UKga0Piu2_zofqbPcrsPogXiv4dww3B-zKxnVkPC9Rrq_rdTTex3jFmvNpLO7lGRDnulsQAkiErDmUd7CNZyDp4ijRH1B9m3U9FiK-PH0jKpJaDVh0iWCT_gsgXpFIhZ7P6pUYW-cpTJ2UoLB4pHZOVeSiJstkoBVFQwLnCbwHZhLhlQRLowPYIiBQrQJ3nmzigjYv8Yl-sQsQCKw06peTIuOnGXYImHgQHBd1LrOPnKqUR1NQ1eQNE3wZodt07syH8HW9Pja8iF6TQruFizbszsfow2TgOOdCfSpaN94GyGxnl_qOJiIzDfo1TSvSGB0c8zMHup2ViQAY-aJbiQOuOq7mYcUFa481ey_LKvlGgeNjLOTnsUyufFkhOh2d811BlZVev4ln30cEySWg&sai=AMfl-YSr4lCWYKpCzGWdsi9sGxDBAPqhZCGVYNhSWaoSiZZQFHnJQquXxqa4o3Kjie0p87-9-Sb9EpfCZHQkbVGtzhoI1tSj3pGbDCeLGM8TPDTPAwQYbUR5swLA5v4Jfq1P-_Xpd8vchvRXzZH0ayUsfqO5GnTVYqP5h7pofDlBCsudERNLqr0&sig=Cg0ArKJSzMxd_G5cLLQZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=359&vt=11&dtpt=211&dett=3&cstd=145&cisv=r20211103.04232&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B4A4 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae02857f28bbbb4aeb738bbf4c2f8551656b9793dec7c32968b307c089d2f8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5130
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2611 12 KB
9 KB 19ms
19ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ebc64cc3d49d9284551c4d004b1871d23d90c48a2c0ec76a2cb2eecc0296e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9177
x-xss-protection: 0

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=13855/rand=388585393/pv=y/rb=%7B%22meta_tag%22%3A%22imperial%20valley%20press%20online%22%7D/ Frame 44BC
Redirect Chain

https://bcp.crwdcntrl.net/5/c=13855/rand=388585393/pv=y/rb=%7B%22meta_tag%22%3A%22imperial%20valley%20press%20online%22%7D/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=13855/rand=388585393/pv=y/rb=%7B%22meta_tag%22%3A%22imperial%20valley%20press%20online%22%7D/rt=ifr

163 B
861 B

57ms
57ms

Document
text/html

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=13855/rand=388585393/pv=y/rb=%7B%22meta_tag%22%3A%22imperial%20valley%20press%20online%22%7D/rt=ifr
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
content-type: text/html;charset=utf-8
content-length: 163
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.27.31
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)

Redirect headers

date: Tue, 09 Nov 2021 09:05:27 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=13855/rand=388585393/pv=y/rb=%7B%22meta_tag%22%3A%22imperial%20valley%20press%20online%22%7D/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.2.225
server: Jetty(9.4.38.v20210224)

GET
H2 404 1.js
ivpressonline.com/content/tncms/ads/block-background-ad/ 0
0 84ms
83ms Script
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ivpressonline.com/content/tncms/ads/block-background-ad/1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 1.js Show response
ivpressonline.com/content/tncms/ads/block-pencil-one/ 3 KB
1 KB 84ms
83ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ivpressonline.com/content/tncms/ads/block-pencil-one/1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 775d7b20c1c98d122af38bb02e677e0e913e9eb303c19bdaa950e434916d4fc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:03:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Sep 2021 14:01:02 GMT
age: 138
etag: W/"6147429e-d06"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 896
service-worker-allowed: /

GET
H2 404 1.js
ivpressonline.com/content/tncms/ads/block-leaderboard-bottom/ 0
0 83ms
83ms Script
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ivpressonline.com/content/tncms/ads/block-leaderboard-bottom/1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 19ms
19ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

837d4d8179f76dca110ff2e07c1b228d8c1c9684bb147f793d1357ddf3922c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 09:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9101
x-xss-protection: 0

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9AFA 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 08:45:28 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B4A4 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 09 Nov 2021 09:05:27 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2611 17 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 09 Nov 2021 09:05:27 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 363A 0
327 B 323ms
111ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kvrvbinx&c=5017336323064&slotId=2508668161532&qqid=CIPC18j2ivQCFdsR4Aod-IAF1g&gqid=1zmKYZGAErPYx_AP-t2CgAE&fb=ima_html5-lima&sdkv=h.3.488.0&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=44725355%2C44747319%2C44750823&vmfc=14&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 363A 42 B
121 B 18ms
17ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 363A 0
0 44ms
44ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=C1bBP1zmKYcP6E9ujgAf4gZawDbjs2YRmio_VvYIP97e-z4gKEAEg8ev7RmCVgoCAuAegAeuw8coCyAEFqQLzxtyxf3CzPqgDAZgEAKoElwJP0I7WVsBQEOO_BC74l71zY6TZj4O1g1KHtKkGAWJUPb44DUIR3s-d_eMcoy3QBSNHtqLZFqgV1WOeFL6z2BjS2YoYdbVliGDyHpFrK2HUhZx6IJMxfCRsb7tH91M0Bm8S2oen1ptVI10CQ9VFP1Se2Dl0UhTHFryLUej92DJU7bIrPMZbsFD7a0H3yQi4xS3DzOTpLuMEQ_JtNQi0rYJYC36ZKI_2genPLxAB6JIZxIF3PDym2SbZh41UAD9iWDbBxLSZQZwL8xat-B96DD8rsB7lHbkkByAwrersuK6ynKN2hprRpNYDoQEqYj3XwH91vnOTUi1K3LbI3X6vzMkcjdAnSjEdSbe10p7h6-piWTehYGEDjJTABN-t5eTtA-AEA4gF4pPUjjiSBQYIAxABGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB_3OjrUBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEMX3MRiYkPa3AdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tODE0ODMyNDA4NDI4ODgzOYAKA8gLAbATy4-EDcgT44zW3gPYEw2IFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItOTUwNTgyMzc0Mzk3ODMzNxi54ig&sigh=67o1ZqQ-948&cmd=Ch1jYS12aWRlby1wdWItOTUwNTgyMzc0Mzk3ODMzNxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&cid=CAQSPACNIrLMWRIMb9PiYLBCGPL1yKwYbggVQLLu9RkyibGgPB6BoSqoYoTPRwhxwWm6We6-nydACF8CHrqtTQ&vt=10&sdkv=h.3.488.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTQwNjgyODg0ODZAoQIKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDk3Njg4MzcyCTE1OTc0MjM0NkDBAVIzCMUHEA8lAACgQSgBOgsxNTk3NDIzNDYtMUIER0RDTVAAWhB6OTV3TlNaSkxnSjMyQkl3GAE.
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 611af0b422e7f.image.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/c/4f/c4f997ea-fee6-11eb-afcc-0729c5797ff6/ 14 KB
14 KB 16ms
16ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/c/4f/c4f997ea-fee6-11eb-afcc-0729c5797ff6/611af0b422e7f.image.jpg?resize=300%2C200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b67aa0fd43be8390f5936335aae9271dd3c0ff035b62cbe23e5334ec28d2d3ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 43947
last-modified: Mon, 16 Aug 2021 23:11:48 GMT
cf-bgj: h2pri
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "aee54b500299308e45ea304161b42dbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ab5e1252b462bad-FRA
expires: Sat, 27 Aug 2022 08:23:45 GMT

GET
H2 200 61120e45d4f58.image.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/7/e0/7e0d0470-f99b-11eb-8b57-3b790fb3bb55/ 3 KB
3 KB 19ms
18ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/editorial/7/e0/7e0d0470-f99b-11eb-8b57-3b790fb3bb55/61120e45d4f58.image.jpg?resize=150%2C99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aa550ecc9a1578c31e2a9c63af480bb38c44fd93f88c3d76ed9d035e2904fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
cf-cache-status: HIT
age: 6389276
last-modified: Tue, 10 Aug 2021 05:27:35 GMT
strict-transport-security: max-age=604800
content-length: 3201
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "44ffb5cae0bccc49c8c46ceeb5852484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 26 Aug 2022 03:34:14 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab5e1252b472bad-FRA
cf-bgj: h2pri

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 269ms
111ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kvrvbh9v&c=5017336323064&slotId=2508668161532&eee=missing-element&bi=missing-id&ulv=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 09 Nov 2021 09:05:27 GMT

GET
H/1.1

206
Partial Content

54
r5---sn-4g5ednd7.c.2mdn.net/videoplayback/id/15c792a42054f511/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779016388/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 3E06
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/15c792a42054f511/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779016388/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r1---sn-4g5ednd7.c.2mdn.net/videoplayback/id/15c792a42054f511/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779016388/sparams/acao,ctier,expire,id,ip,ipbits,i...
https://r5---sn-4g5ednd7.c.2mdn.net/videoplayback/id/15c792a42054f511/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779016388/sparams/acao,ctier,expire,id,ip,ipbits,i...

3 MB
3 MB

64ms
7ms

Media
video/mp4

2a00:1450:4001:16::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednd7.c.2mdn.net/videoplayback/id/15c792a42054f511/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779016388/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B7376A153CB3222CAA7851F98C51B0E88DB6E9B.34E674CC29F2ECC9B8233F3958429D2D8961E454/key/cms1/cms_redirect/yes/mh/xm/mip/2a01:4f8:212:78e:2a::1/mm/42/mn/sn-4g5ednd7/ms/onc/mt/1636447502/mv/u/mvi/1/pl/54?cpn=z95wNSZJLgJ32BIw&ir=1&rr=12&fexp=24052761&file=file.mp4

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:16::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

96a0458a087631c064521a48814af5e10aa1798c2affbeadf0d089e90d649bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Oct 2021 14:46:27 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2906507/2906508
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2906508
Expires: Tue, 09 Nov 2021 09:05:28 GMT

Redirect headers

Date: Tue, 09 Nov 2021 09:05:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://r5---sn-4g5ednd7.c.2mdn.net/videoplayback/id/15c792a42054f511/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779016388/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B7376A153CB3222CAA7851F98C51B0E88DB6E9B.34E674CC29F2ECC9B8233F3958429D2D8961E454/key/cms1/cms_redirect/yes/mh/xm/mip/2a01:4f8:212:78e:2a::1/mm/42/mn/sn-4g5ednd7/ms/onc/mt/1636447502/mv/u/mvi/1/pl/54?cpn=z95wNSZJLgJ32BIw&ir=1&rr=12&fexp=24052761&file=file.mp4
Cache-Control: private, max-age=900
Connection: close
Content-Length: 0
Expires: Tue, 09 Nov 2021 09:05:28 GMT

GET
H2 200 564517f5a6e02.smallImage.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/bannerad/6/c5/6c57c84e-4fa2-11eb-a84d-2309098d6c5a/ 12 KB
12 KB 14ms
14ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/bannerad/6/c5/6c57c84e-4fa2-11eb-a84d-2309098d6c5a/564517f5a6e02.smallImage.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64fa10b6737bf2104e6b7ec815ae1e800685e5cc18cd4f20bdc6fc537db20532

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
cf-cache-status: HIT
age: 310716
last-modified: Tue, 05 Jan 2021 22:07:38 GMT
strict-transport-security: max-age=604800
content-length: 12216
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5ff4e32a-2fb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 17 Oct 2022 13:37:11 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab5e125bc742bad-FRA
cf-bgj: h2pri

GET
H2 200 610c2bc561f5a.largeImage.jpg
bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/bannerad/6/c5/6c57c84e-4fa2-11eb-a84d-2309098d6c5a/ 139 KB
139 KB 15ms
15ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/ivpressonline.com/content/tncms/assets/v3/bannerad/6/c5/6c57c84e-4fa2-11eb-a84d-2309098d6c5a/610c2bc561f5a.largeImage.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffd04327d934fdb328ae34e43bef4dff355ac07f6346fee7a65d736896b99e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:27 GMT
cf-cache-status: HIT
age: 677818
last-modified: Thu, 05 Aug 2021 18:19:49 GMT
strict-transport-security: max-age=604800
content-length: 142042
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "610c2bc5-22ada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 05 Aug 2022 18:22:22 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab5e125bc772bad-FRA
cf-bgj: h2pri

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 66AE 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 08:45:28 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C3B5 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 09 Nov 2021 08:43:00 GMT
expires: Wed, 09 Nov 2022 08:43:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DDA6 783 B
737 B 18ms
18ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c20ecf3d72872c0778ebe15048722bb92fcc0d17af7c45c3ae22e1995f241ecc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SwCBg4uzOIoaefnEPnRykA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 09 Nov 2021 09:05:27 GMT
date: Tue, 09 Nov 2021 09:05:27 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-SwCBg4uzOIoaefnEPnRykA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9419 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=721900699798839&bg=!b2ylbCjNAAYH3anuB907ACkAdvg8Wo2J7lb_7Wcie1EwLPJCTS9PZbvPnU0oInLG20vbL4SurB_11AIAAAHEUgAAAGhoAQeZAufJCLuWRO9vlz4rFngL-dM8z5LgxlxCf0R67a3MHyp3u1NNQ4tvzjGGuoxnmTt-zSAxRA82LliPDvmHyQwwUUyjXf3AU6aElodcA-gdnrvrnXHLdPMAzb3lz5TWUYZVpQEOYjqP-HdhDQDgsHjuyfu92Pu0Df7fXlD95cJgOT1Z4SxUvkIQBlg6L9nKM9Vj2-wAToelsi5cy-yHq4GsDB07JuRa7jecwP60zHmmpN4nkIyQ2AeG9QcGpA6Dwp-XnhPQXknq6LaJe4jd_1rNDjWY0h9hkwAj3BnALzoAOmM54YNHqtlmaRH4ReNom4zGUjpuE1NXqvGvuwWnBBgAhyOBiVDQYgD06QidJ73m5-EuTNBZXMBLdgZArtX1f6wKwvnub2h1GNDsHetxqwIkY8k_kW14NH0Ifx17AV2Z4JBDXnjUPuea-bxXMLdpkfPDLo3tujGkK7_CtoT6Pda-ifjOj6gpbajb-665nKDLg_KFzpmjydXPhezR_dyjfElMiV2zVNWvg0eHHcwQSv4or-Ma5WJbzvYs4PqrcewI2up4-Hh8X8yT31ou2HXZSNP412AHZF-rki58-Zh4vnClQ9nd20NApNKyOSqd72nya7y6MEkJrGtMdDpHGhogMl_uhKuI6KIMX6dAGUPM5jBIhcGUG6FbcO5BsVEyIlHlx759_l8lKHYZnpuSf8D5uKllHvrUvRrStlllcma1JDpQMQxSPGRcQACjSSevvHgla-DuA8BJvvUkt_e7LT4Z2Jrz-7V55RoGXm83fNLUuZQ6xMNKJxznstQpHmSo7Lhlj9OUNNx_j6_LuBITNt7iYQP4bzqhBktRyQaU6YSPIZSNGHdGGqrHSwkKJLIk0MdXVCsNX6zUGo6tGw2cVc8Ic4UgzKFHoaIdewKhJu5aKW0ux5DAFK3QZaOzmmagqKDP1R76OCEQaYY3lqQOo-86yxH5R7TLuktWWERHS6m2vyUYNaLPUCLh7eymPQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0B59 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 09 Nov 2021 08:43:00 GMT
expires: Wed, 09 Nov 2022 08:43:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 180D 783 B
761 B 16ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b9d9f81f6230131781903db92e1e109ce7635fb4ce64a6e784bc26cbd0655008

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hXHxPRleyXDiTOVVTvwbIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 09 Nov 2021 09:05:28 GMT
date: Tue, 09 Nov 2021 09:05:28 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-hXHxPRleyXDiTOVVTvwbIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D243 0
56 B 41ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=3859272977251331&bg=!w8ClwITNAAYH3anuB907ACkAdvg8Wg_G-w7rGLxgLImO8OTnntzhimwaGbKdxD1ZoE5Vogwj5MlqOgIAAAG7UgAAAIxoAQeZAuG3zR1H-SkzLW2ZLdqRxwPodEi0-Xiqag-Za46DV3Nu3XeXnuzQZnxYj9k1pbJX3V4yoUdsvd-HCKrqbQSmvml96MBl1_a44iEVZlr_2CesICGvcBRHFhFW83mxUrtKi3e_mA8oU7j7R4eT1OuS3AD8Kd1ywZaLnLJdqEcVe8FWEFaTNGtw1LP-6envzUwRReoQkbf6rXALTvohKUCnOp46Yvj7dfue6I2-zsdiBI5Cv9hbtY8_GKHlNjaYUwhk8HkuEViWqp1jR9r8M9IiF_qBuCBT2il_2t9BQ6y4fZg85zwCuHATqGisAerPxiofV9NmUkSXvsMGPCP-MQ4v5-ynDeaD-WywCAI6yBCXoL-Xq_-1Ajf_WTE8s222hfm7dawuhTBSITOFP3YlNsygt-H0O0F4BHnzcLHqdBMZCnL4JwZsROqSi2qrE8EnIeyH7U2twge1USoGC5x-kUDdb8iVq17q_JXL8DW0wIByr9PEYeiWsgioayzny6rz-xO6iMbgGm7DrCD0LvZAeFKG9Uf__Xoo2FROv4l4f4N42o_DMFSnFx5uJAfKDWj98bCpSulcB4TnODEPQ3df4aeXKoPWj_hs5crJ3--ctdBQCrsTWizEAmz4COMkYY5qHkHUmypssgUDfcJd-0guvwlDeyODgNX6KQ1sHRAKP_5BE4b7blKUzl_zaXy184BCT2LPfdAjdanRSv1g7-qKXJtHHsqvbalE72M_OLzorc-P-gJCzsZsXed7FV8EI_hKtrz-lYIp8iB63n4RRYFcNnCoXHY_KRuvhDgKvIyEq1pLZbdxJ5d41bHJzqAqKeMCWVfWyYB8UI0QHSLM3OnUS03WnF0micJK0oChfEfG2N96joKcfms8j8oMokqj9wrUhURFut3NGVHsx18MWtj21Fxkc05FhaJFhjLZ2WZzQwANzYRL3b3uMz65iEaCPlx8UufeRESlHxq1LnfX3lmzooFmmmizYQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 363A 0
54 B 111ms
111ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kvrvbjbq&c=5017336323064&slotId=2508668161532&qqid=CIPC18j2ivQCFdsR4Aod-IAF1g&gqid=1zmKYZGAErPYx_AP-t2CgAE&fb=ima_html5-lima&sdkv=h.3.488.0&mrd=4&aab=0&itv=1&gpm_i=14&gpm_c=14&gpm_a=14&smb=1000&br=965&mt=video%2Fmp4&vs=640x360&webm=4&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C8D4 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=2642831976271669&bg=!NzSlNHDNAAYH3anuB907ACkAdvg8WqXpWrU4uAR0LdM4dwjckoEHM1lzZt5Md6_JcBaWCQRnKjTUvgIAAAIDUgAAAFtoAQcKAIJhrdtInLALuveypmFXpjgndybfhxmY3NliOBW7fDZ046usFmGoFF4Ki1kie2jEgnnAX7vbJo719w4XFo1p56SM_aJnyxGdgV99Bv74eoN-8cykMb1_OWRFkuu_c96PXNN5Yq-h6ayZlWu-I4FfWEHVohX16gsUCrMbKMQNfkEd4wTRmQLklTr58-LXR1CpygOSgKC7L7ijri-9yAGgHBzLqmAJb8ScjAg9XewlmAvD_jtFwr-_xRTAzNGxdRqQHiD1T9Ov3VY8xavR6t3KApQJPIVVPj4szR305E-fBsh8NyQBcq5TgeWIw_cK5PqPRW0ECNr58vGpDbEI8iXWiABPOsAmQLP0Ud3mC3hTk6bOcdgnEqThq0CumgqNLP9wE67KRz8IuFLclm8zVrEQ6k7txEQ11-tL8Y1pb8Ujv-W25B2CN44we3shRH0gtw1670OXUYXWqMYoxFHSDUi5Ca7wQr6iRmc9chDr3S3ltHRlv0Je4UylL_RT3iR8T9DfbOVyYTcafxZckUdqO-wv1Bz_nsPbs53gQa5HOAcZx-nmN7GTzJ9O7s_h3PTJeZppT1xFWCD2pUGZl-t0tBTSVeSa1vznF4AY5Ci6PqSVEy3Wo81Rmu-HD1i0NkaDRCNPRlUqlBJvHdoJPLCQ1jPiBSqO5yjR4asu84oT6zlkRYtKLVg8DWNSSmb8hqudzgkBwyLeh4aRmKKrXA6HtdQ4ZgT4WyS2LKimp0mFa6mv7ETcKDd965ysfpuuYC9JNND8Gx_9g7Qn_lUlV3csVXstDoMN_ZaLGWRsgwwoPy_7I4G7Y0wFJMSpmyJ6W1y0l7FP7GvTMvy8LLAtbMgljcdf9cBL6hYA7P6soGzkiC3k_XMMxs9Z7pdj9FDzvb5RmBTKNVOfUldPiciJKftrNfauNmNvp0OndZg-ologd4yjokVZ5j4wtDAisOk5xJdfntXRaRLTXUd48iEa5KgXTe4YDzJWM7kr3N1Ec7grq8y12kC8BFS3PuOHB7R7y_u7ltLoePPyoampw-hJJEWG87IEf_tbdiILUIkw13LOJy2KH-Gr5OzS9TaVwZQjXAhaEhr1KCUdw3Wqbw-UluTdnT4NrXUKXKhaf_k2eaOd8I96E9HbNQNnQPaIp9ors6hngwfq6bmCXgEqHQhT0SQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DDA6 0
0 56ms
56ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=3989742107190364&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 180D 0
0 46ms
46ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=2732810371971083&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame C3B5 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 08:45:28 GMT

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B59 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 08:45:28 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
45 B 413ms
109ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kvrvbjd8&c=5017336323064&slotId=2508668161532&met.4=hvd_lc.kvrvbjd9~hvd_src.kvrvbjd9&umsem=0&ps=749x421&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fplayer.sendtonews.com%252Fplayer7%252Fplayer%252F65.21.7%252Fplayer.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 413ms
110ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~kvrvbjna&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fjs-sec.indexww.com%252Fht%252Fp%252F187621-164323601241456.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 413ms
110ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~kvrvbjna&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fembed.sendtonews.com%252Fplayer4%252Fdata_read.php%253Fcmd%253DloadInitial%2526session%253D22Zx-fvNwpFFs8y5%2526instance%253D062640%2526version%253D65.21.7%2526age%253D211109%2526ESG_key%253D5b3IdoCM%2526type%253Dbarker%2526EXTREF%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F%2526REF%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F%2526ogSet%253D1&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 515ms
211ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~kvrvbjnb&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fimasdk.googleapis.com%252Fjs%252Fsdkloader%252Fima3.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 514ms
211ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~kvrvbjnb&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fd29xw9s9x32j3w.cloudfront.net%252Fplayers%252Flibrary%252Fstreamsense%252F6.3.4.190424%252FcomScore.gt.min.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 515ms
212ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=7~kvrvbjnb&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fd29xw9s9x32j3w.cloudfront.net%252Fplayers%252Flibrary%252Fprebid%252F4.13.0%252Fprebid.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 414ms
111ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=8~kvrvbjnb&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fs2l.sendtonews.com%252Fstn_trk.gif%253Fsession%253D22Zx-fvNwpFFs8y5%2526instance%253D062640%2526version%253D65.21.7%2526age%253D211109%2526cmd%253DPRE_INIT%2526key%253D5b3IdoCM%2526order%253D1%2526EXTREF%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F%2526REF%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F%2526canonical%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 414ms
110ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=9~kvrvbjnc&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fmatch.adsrvr.org%252Ftrack%252Frid%253Fttd_pid%253Dcasale%2526fmt%253Djson%2526p%253D187621&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 414ms
111ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=a~kvrvbjnc&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fapi.rlcdn.com%252Fapi%252Fidentity%253Fpid%253D2%2526rt%253Denvelope&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 414ms
111ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=b~kvrvbjnc&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fid.sv.rkdms.com%252Fidentity%252F%253Fvendor%253Didsv2%2526sv_cid%253D5274_04512%2526sv_pubid%253DSENDTONEWS%2526sv_domain%253Dwww.ivpressonline.com&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 414ms
111ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=c~kvrvbjnc&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fplayer.sendtonews.com%252FbidderFiles%252F0.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 513ms
210ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=d~kvrvbjnd&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.resonate.com%252Fanalytics.js%252Fv1%252F200302733%252Fanalytics.min.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 513ms
210ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=e~kvrvbjnd&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fimasdk.googleapis.com%252Fjs%252Fcore%252Fbridge3.488.0_en.html%2523goog_1023150873&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 514ms
211ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=f~kvrvbjnd&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Ftimber.sendtonews.com%252Ftimber%252Fdata_stn_l.php%253FCMD%253DGET%2526ESG_key%253D5b3IdoCM%2526ES_key%253D5b3IdoCM%2526ES_ID%253D31182%2526S_RKEY%253D0%2526USR_ID%253D214062640%2526ST_usrKey%253D22Zx-fvNwpFFs8y5%2526SM_ID%253D0%2526C_ID%253D12120%2526C_companyName%253DRISN%2526version%253D650210070%2526sC_ID%253D0%2526AC_ID%253D2010%2526TYPE%253DBARKER%2526EXTREF%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F%2526REF%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F%2526PLAYERWIDTH%253D749%2526PLAYERCODE%253DLVFNSN%2526OGSET%253D1%2526REFONLY%253D0%2526STRIPQUERY%253D1&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 513ms
211ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=g~kvrvbjnd&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fs2l.sendtonews.com%252Fstn_trk.gif%253Fsession%253D22Zx-fvNwpFFs8y5%2526instance%253D214062640%2526version%253D65.21.7%2526age%253D211109%2526cmd%253DGET%2526key%253D5b3IdoCM%2526c_id%253D12120%2526seq%253D0%2526order%253D2%2526EXTREF%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F%2526REF%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F%2526playerCfg%253DBR%2526canonical%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 514ms
212ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=h~kvrvbjnd&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Ftimber.sendtonews.com%252Ftimber%252Fdata_stn_l.php%253FCMD%253DRTP%2526ESG_key%253D5b3IdoCM%2526ES_key%253D5b3IdoCM%2526ES_ID%253D31182%2526S_RKEY%253DnEINZbC1wV%2526USR_ID%253D214062640%2526ST_usrKey%253D22Zx-fvNwpFFs8y5%2526SM_ID%253D1247804%2526C_ID%253D12120%2526C_companyName%253DRISN%2526version%253D650210070%2526sC_ID%253D9956%2526AC_ID%253D2008%2526TYPE%253DBARKER%2526EXTREF%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F%2526REF%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F%2526PLAYERWIDTH%253D749%2526PLAYERCODE%253DLVFNLN%2526OGSET%253D1%2526REFONLY%253D0%2526STRIPQUERY%253D1&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 510ms
208ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=i~kvrvbjne&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fs0.2mdn.net%252Finstream%252Fvideo%252Fclient.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 511ms
210ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=j~kvrvbjne&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fs2l.sendtonews.com%252Fstn_trk.gif%253Fsession%253D22Zx-fvNwpFFs8y5%2526instance%253D214062640%2526version%253D65.21.7%2526age%253D211109%2526cmd%253DRTP%2526key%253D5b3IdoCM%2526c_id%253D12120%2526seq%253D1%2526order%253D3%2526EXTREF%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F%2526REF%253Dhttps%253A%252F%252Fwww.ivpressonline.com%252F%2526playerCfg%253DBR%2526sC_ID%253D9956%2526sm_id%253D1247804%2526load%253D1%2526status%253DLVFNLNIY%2526ac_id%253D2008&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 511ms
209ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=k~kvrvbjne&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fd29xw9s9x32j3w.cloudfront.net%252Fimages%252Fsocial%252Freddit.png&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 511ms
209ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=l~kvrvbjne&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fd29xw9s9x32j3w.cloudfront.net%252Fimages%252Fsocial%252Ffacebook.png&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 510ms
209ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=m~kvrvbjnf&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fd29xw9s9x32j3w.cloudfront.net%252Fimages%252Fsocial%252Ftwitter.png&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 510ms
209ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=n~kvrvbjnf&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fd29xw9s9x32j3w.cloudfront.net%252Fimages%252Fsocial%252Femail.png&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 420ms
119ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=o~kvrvbjnf&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fib.adnxs.com%252Fut%252Fv3%252Fprebid&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 419ms
119ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=p~kvrvbjnf&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fprebid-server.rubiconproject.com%252Fopenrtb2%252Fauction&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 420ms
119ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=q~kvrvbjnf&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fsearch.spotxchange.com%252Fopenrtb%252F2.3%252Fdados%252F229991&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 424ms
123ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=r~kvrvbjnf&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fads.adaptv.advertising.com%252Frtb%252Fopenrtb%253Fext_id%253DSendtonewsDirect&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 508ms
208ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=s~kvrvbjng&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fhtlb.casalemedia.com%252Fcygnus%253Fs%253D438214%2526v%253D8.1%2526r%253D%25257B%252522id%252522%25253A%252522967a367501fdda%252522%25252C%252522imp%252522%25253A%25255B%25257B%252522id%252522%25253A%2525221075c397c1e0be5%252522%25252C%252522ext%252522%25253A%25257B%252522siteID%252522%25253A%252522438214%252522%25252C%252522sid%252522%25253A%252522749x421%252522%25257D%25252C%252522video%252522%25253A%25257B%252522context%252522%25253A%252522instream%252522%25252C%252522mimes%252522%25253A%25255B%252522video%25252Fx-m4v%252522%25252C%252522video%25252Fmpeg%252522%25252C%252522video%25252Fmp4%252522%25252C%252522application%25252Fjavascript%252522%25252C%252522video%25252Fwebm%252522%25252C%252522video%25252Fogg%252522%25255D%25252C%252522minduration%252522%25253A5%25252C%252522maxduration%252522%25253A30%25252C%252522protocols%252522%25253A%25255B2%25252C3%25252C5%25252C6%25252C7%25252C8%25255D%25252C%252522w%252522%25253A749%25252C%252522h%252522%25253A421%25252C%252522placement%252522%25253A1%25252C%252522linearity%252522%25253A1%25252C%252522api%252522%25253A%25255B2%25255D%25252C%252522battr%252522%25253A%25255B9%25255D%25252C%252522sizes%252522%25253A%25255B%25255B749%25252C421%25255D%25255D%25252C%252522playerSize%252522%25253A%25255B%25255B749%25252C421%25255D%25255D%25257D%25257D%25255D%25252C%252522site%252522%25253A%25257B%252522page%252522%25253A%252522https%25253A%25252F%25252Fwww.ivpressonline.com%25252F%252522%25257D%25252C%252522ext%252522%25253A%25257B%252522source%252522%25253A%252522prebid%252522%25257D%25252C%252522source%252522%25253A%25257B%252522ext%252522%25253A%25257B%252522schain%252522%25253A%25257B%252522ver%252522%25253A%2525221.0%252522%25252C%252522complete%252522%25253A1%25252C%252522nodes%252522%25253A%25255B%25257B%252522asi%252522%25253A%252522sendtonews.com%252522%25252C%252522sid%252522%25253A%252522vIELRGjeioDxfMyKGHFQlg%252522%25252C%252522hp%252522%25253A1%25252C%252522rid%252522%25253A%252522da6ec3cd-f921-4ca8-83f4-0c4dcab8fe27%252522%25257D%25255D%25257D%25257D%25257D%25252C%252522user%252522%25253A%25257B%252522eids%252522%25253A%25255B%25257B%252522source%252522%25253A%252522adserver.org%252522%25252C%252522uids%252522%25253A%25255B%25257B%252522id%252522%25253A%252522bf35582e-6696-486b-a5e7-1d8f7f8b8eb1%252522%25252C%252522ext%252522%25253A%25257B%252522rtiPartner%252522%25253A%252522TDID%252522%25257D%25257D%25252C%25257B%252522id%252522%25253A%252522FALSE%252522%25252C%252522ext%252522%25253A%25257B%252522rtiPartner%252522%25253A%252522TDID_LOOKUP%252522%25257D%25257D%25252C%25257B%252522id%252522%25253A%2525222021-11-09T09%25253A05%25253A24%252522%25252C%252522ext%252522%25253A%25257B%252522rtiPartner%252522%25253A%252522TDID_CREATED_AT%252522%25257D%25257D%25255D%25257D%25255D%25257D%25257D%2526ac%253Dj%2526sd%253D1%2526nf%253D1&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 508ms
208ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=t~kvrvbjng&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fsendtonews-d.openx.net%252Fv%252F1.0%252Favjp%253Fju%253Dhttps%25253A%25252F%25252Fwww.ivpressonline.com%25252F%2526ch%253DUTF-8%2526res%253D1600x1200x24%2526ifr%253Dtrue%2526tz%253D0%2526tws%253D1600x1200%2526be%253D1%2526bc%253Dhb_pb_3.0.3%2526dddid%253D9c922c68-bb8d-4761-8e7d-f71701405978%2526nocache%253D1636448725630%2526schain%253D1.0%25252C1!sendtonews.com%25252CvIELRGjeioDxfMyKGHFQlg%25252C1%25252Cda6ec3cd-f921-4ca8-83f4-0c4dcab8fe27%25252C%25252C%2526auid%253D540931806%2526vwd%253D749%2526vht%253D421&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 411ms
112ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=u~kvrvbjng&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fhbopenbid.pubmatic.com%252Ftranslator%253Fsource%253Dprebid-client&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 411ms
112ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=v~kvrvbjnh&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fpi979-10rsz.ads.tremorhub.com%252Fad%252Ftag%253FadCode%253Dpi979-bkhbg%2526playerWidth%253D749%2526playerHeight%253D421%2526srcPageUrl%253Dhttps%25253A%25252F%25252Fwww.ivpressonline.com%25252F%2526supplyCode%253Dpi979-10rsz%2526c4%253Dic_0702043%252Cic_9301104%252Cic_4962242%252Cic_9954675%252Cic_2592227%2526schain%253D1.0%252C1!sendtonews.com%252CvIELRGjeioDxfMyKGHFQlg%252C%252Cda6ec3cd-f921-4ca8-83f4-0c4dcab8fe27%252C%252C%2526transactionId%253D9c922c68-bb8d-4761-8e7d-f71701405978%2526referrer%253Dhttps%25253A%25252F%25252Fwww.ivpressonline.com%25252F%2526hb%253D1%2526fmt%253Djson&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 416ms
117ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=w~kvrvbjnh&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fas-sec.casalemedia.com%252Fheaderstats%253Fs%253D340102%2526u%253Dhttps%25253A%25252F%25252Fwww.ivpressonline.com%25252F%2526v%253D3&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 416ms
118ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=x~kvrvbjnh&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fs2l.sendtonews.com%252Fstn_trk.gif%253Fsession%253D22Zx-fvNwpFFs8y5%2526instance%253D214062640%2526version%253D65.21.7%2526age%253D211109%2526ldt%253DIMA%2526key%253D5b3IdoCM%2526seq%253D1%2526order%253D4%2526recoveryMethod%253DSSAI%2526imaVersion%253D3.488.0%2526blocked%253Dfalse%2526recovered%253Dfalse&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
45 B 416ms
118ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=y~kvrvbjnh&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fd29xw9s9x32j3w.cloudfront.net%252Fvideos%252Fvideo_thumb%252FXL%252Fy1ood9ixic5dcx754estsemlpha7ektc.jpg&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 416ms
118ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=z~kvrvbjnh&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fd29xw9s9x32j3w.cloudfront.net%252Fvideos%252Fm3u8%252Forn652os714nr385q68ps4155179015nplaylist.m3u8&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
45 B 418ms
120ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=10~kvrvbjnh&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fd29xw9s9x32j3w.cloudfront.net%252Fvideos%252Fm3u8%252F300k%252Forn652os714nr385q68ps4155179015n.m3u8&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E06 0
54 B 416ms
118ms Ping
image/gif 2607:f8b0:4009:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=11~kvrvbjni&c=5017336323064&slotId=2508668161532&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fd29xw9s9x32j3w.cloudfront.net%252Fvideos%252Fm3u8%252F300k%252Forn652os714nr385q68ps4155179015n-00001.ts&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 363A 42 B
108 B 17ms
17ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 363A 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:36:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 04 Nov 2022 05:36:45 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 363A 0
56 B 39ms
38ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 363A 0
24 B 51ms
50ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIIavTsobBnpIA_Gq8zvikhEuSTOcX5f2H136D8z6-O66k950s4gUQKFbisG-gITEWjRR2dRe8CAm8UhpFer1zcxDORBaQjnVS7MljKfu4uav4UnSv6qkIodi7t_kR1Ia-hgVM1xV7KWykFSrt4lFo_Zdr4kG-FA7RZ5ciqIpICA2o338jpVqL7D_FigxQYBy0YlpGJKIp1XmD-KCunZhl5yys-dWILRl3X2zBhkkUM5GMAWp7HA6JDrkA7QsDjE2tXeUR2bNwjeOIPyicH_tod0ljH-MI84ZyzjWyC5ar9_PKdxpRN4UZenQpndBL8oGXgL_ZXydU2cuiV96ts5ECOVJecItXu38NCXmHZf4zxcUa09_UxOqsqrnzSpwRUmDYxMZ1_UyGkVb2lyZPmi5iFs5S47QiEiAajMUQMVRJINRJJTRLqBMVtmFrGWP3NA9d46kiMUMW14ltjoXyEo2nIliTFBkV058abrVB-dOCOFrz0llmCFRubV_3nUx2AOTw-deu-QQ7WPQ5cA-kWXYKAxeXtjW-a1o7kvs6BV-Y0H2hS6e-q5Ydt7V0hikw4TVQBXSYFce7IEko0to3BUErHE6JuWEoGnWKkGbFuQR19GBkOTyN6BGtvqjIXygXoBp4ZWBI9UHg6f_psM4H7HKVfjjHertRcNrC8_0m-Og_Zyi2SAE0fKuclsrULXRWD5uGmnXqDyFaUxroBxf5XumRlH9bjE5SOYqCbc0p2P1PiXO4h4EIvWfLjlQxrOB1Igz_XxGxm95f4kllyowZV3YvVcKV67hiHzIKe6baUmx9IDtzSzXJgn94D9ygS8aKN1ya74TykFpIzZK4VXOhIs98C-BsPSeurDZeJQsCVOFo4MbceHytcsFIQbqO-CHieo6GWJWyPjvAQ-gO1Dv4xwwxZftELKbPpW68i50zmUwX78w3HGlV8Mzpb6fJnIVj00yDJCJ-h3m8Qi90UC7BR7Hi3GwmYMxBk5fx-uhBnvZCa-TDfF421LV5ds5BUkXwHezni2UNOPx_yawLRjpXPrNBtwLCN5DwclyUhU7uavpfs_Jhm46wVN22IOMYg6DjPZAXgJhSRW9gmADHHY_OMbqNYzfb_Byr7ejChKwDS2uG6fxKMlk9K-2sHikuCptH7BQ_tdmAlL1O865vR_rMThquqTvfAdzaqHiwJdF6uGvIH-SEQvdXeSUZwRjz-uw0syUod8RHQBTXOCSI9XV4p3mOpYSxs6fiwOeUO8waWxH2H8CH3QTeiUD73V5PF329N5DAbq-a1UmnWAJf_Pf1Zpe2qcckfW1IXYm1MipxdJg&sai=AMfl-YSwALy0pTLq967bgo9vaN0WTqhF8E2tWWCrCISf1awDmUYJ_-4dUWkqWOTa9LoNoRDVu2u4Skh07qtBk8f213Ic_q2lbNwrhB_2fNXPa4kl__TthlKAujwE2NoFq7c4vt1dnofSr5GpJlk605JvTbs9RdlyoA&sig=Cg0ArKJSzOPyY5f8ihg0EAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.488.0&adurl=

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 09 Nov 2021 09:05:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 363A 0
0 18ms
17ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfaCRC_nMwCGJiQ9rcBIAEwAQ&v=APEucNWuiwZia0DEaxT5-p9bVmEbRwvop95ubi_NBTmEg7upWWiv-FJsA96QqcHlZEK1CnE0RZhezGUZlA7oP3WnUHNgTD4PHg
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 363A 42 B
108 B 20ms
18ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CysUE1zmKYcP6E9ujgAf4gZawDbjs2YRmio_VvYIP97e-z4gKEAEg8ev7RmCVgoCAuAegAeuw8coCyAEFqQLzxtyxf3CzPqgDAcgDE5gEAKoEmgJP0I7WVsBQEOO_BC74l71zY6TZj4O1g1KHtKkGAWJUPb44DUIR3s-d_eMcoy3QBSNHtqLZFqgV1WOeFL6z2BjS2YoYdbVliGDyHpFrK2HUhZx6IJMxfCRsb7tH91M0Bm8S2oen1ptVI10CQ9VFP1Se2Dl0UhTHFryLUej92DJU7bIrPMZbsFD7a0H3yQi4xS3DzOTpLuMEQ_JtNQi0rYJYC36ZKI_2genPLxAB6JIZxIF3PDym2SbZh41UAD9iWDbBxLSZQZwL8xat-B96DD8rsB7lHbkkByAwrers4K8QgKtMEKhDZiHF89DsBdQxmJ-Tx4NeJ92vwajCYXSG1B3zWKXXpZAJZ69AKmC5Cy7PTRu5oKPd3kV0LsnABN-t5eTtA-AEA5AGAaAGToAH_c6OtQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTQ4MzI0MDg0Mjg4ODM5gAoDmAsByAsBgAwBsBPLj4QN2BMNiBQC2BQB0BUBgBcB&sigh=07reDiqhWlQ&label=vast_creativeview&ad_mt=0&acvw=sv%3D905%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D4082,231,4503,980%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D940%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D546415894%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636448727909%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1636448727525&sdkv=h.3.488.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTQwNjgyODg0ODZAoQIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDk3Njg4MzcyCTE1OTc0MjM0NkDBAVI2CMUHEA8lAACgQSgBOgsxNTk3NDIzNDYtMUIER0RDTUikA1AAWhB6OTV3TlNaSkxnSjMyQkl3GAE.

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI46nuyPaK9AIVgeAbCh2JOAKDEAAYACCK85VMQhMIg8LXyPaK9AIV2xHgCh34gAXW;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D4082,231,4503,980%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame 363A 42 B
107 B 68ms
43ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI46nuyPaK9AIVgeAbCh2JOAKDEAAYACCK85VMQhMIg8LXyPaK9AIV2xHgCh34gAXW;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D4082,231,4503,980%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D940%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D546415894%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636448727911%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636448727525;ecn1=1;etm1=0;eid1=200101;

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 363A 42 B
110 B 44ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvyPRc3Riy-lPtkqNPQHVc0mESjb5XOdE3UNZ22L98tUDZrc8CVL2X5zhfUMbo6fc2mSiPbJu_9MWgrVlZerlxP45zL2ZyhbiNyUXbyjnJkAR6SC4RCQ&sai=AMfl-YRPzO5DusVeo5XDhHSgwDCS6rQVCLKUCF8g4BoduR2R431RODVvrySeKV9tSa585Piilmp182EzWl5DdK_5R0adLg6OKPOeexK8Q-HyNLwbyjAxJaLzjqasg_2V&sig=Cg0ArKJSzM6qZzNXcAOKEAE&cid=CAASEuRo4cMEVlAr1a2-1yU9hf8lOQ&id=lidarv&acvw=sv%3D905%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D4082,231,4503,980%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D940%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D546415894%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636448727911%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636448727525&avm=1

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI46nuyPaK9AIVgeAbCh2JOAKDEAAYACCK85VMQhMIg8LXyPaK9AIV2xHgCh34gAXW;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D4082,231,4503,980%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26...
ade.googlesyndication.com/ddm/activity/ Frame 363A 42 B
494 B 67ms
43ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI46nuyPaK9AIVgeAbCh2JOAKDEAAYACCK85VMQhMIg8LXyPaK9AIV2xHgCh34gAXW;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D4082,231,4503,980%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D940%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D546415894%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636448727912%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636448727525;dc_rfl=1,https%253A%252F%252Fwww.ivpressonline.com%252F%240;ecn1=1;etm1=0;eid1=11;

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 363A 42 B
108 B 21ms
18ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CysUE1zmKYcP6E9ujgAf4gZawDbjs2YRmio_VvYIP97e-z4gKEAEg8ev7RmCVgoCAuAegAeuw8coCyAEFqQLzxtyxf3CzPqgDAcgDE5gEAKoEmgJP0I7WVsBQEOO_BC74l71zY6TZj4O1g1KHtKkGAWJUPb44DUIR3s-d_eMcoy3QBSNHtqLZFqgV1WOeFL6z2BjS2YoYdbVliGDyHpFrK2HUhZx6IJMxfCRsb7tH91M0Bm8S2oen1ptVI10CQ9VFP1Se2Dl0UhTHFryLUej92DJU7bIrPMZbsFD7a0H3yQi4xS3DzOTpLuMEQ_JtNQi0rYJYC36ZKI_2genPLxAB6JIZxIF3PDym2SbZh41UAD9iWDbBxLSZQZwL8xat-B96DD8rsB7lHbkkByAwrers4K8QgKtMEKhDZiHF89DsBdQxmJ-Tx4NeJ92vwajCYXSG1B3zWKXXpZAJZ69AKmC5Cy7PTRu5oKPd3kV0LsnABN-t5eTtA-AEA5AGAaAGToAH_c6OtQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTQ4MzI0MDg0Mjg4ODM5gAoDmAsByAsBgAwBsBPLj4QN2BMNiBQC2BQB0BUBgBcB&sigh=07reDiqhWlQ&label=part2viewed&ad_mt=0&acvw=sv%3D905%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D4082,231,4503,980%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D940%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D546415894%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636448727912%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636448727525&sdkv=h.3.488.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTQwNjgyODg0ODZAoQIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDk3Njg4MzcyCTE1OTc0MjM0NkDBAVI2CMUHEA8lAACgQSgBOgsxNTk3NDIzNDYtMUIER0RDTUikA1AAWhB6OTV3TlNaSkxnSjMyQkl3GAE.

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI46nuyPaK9AIVgeAbCh2JOAKDEAAYACCK85VMQhMIg8LXyPaK9AIV2xHgCh34gAXW;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D4082,231,4503,980%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame 363A 42 B
107 B 66ms
43ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI46nuyPaK9AIVgeAbCh2JOAKDEAAYACCK85VMQhMIg8LXyPaK9AIV2xHgCh34gAXW;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D4082,231,4503,980%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D42%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D42%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D42%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D940%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D546415894%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636448727916%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636448727525;ecn1=1;etm1=0;eid1=16;

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 363A 42 B
108 B 21ms
19ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CysUE1zmKYcP6E9ujgAf4gZawDbjs2YRmio_VvYIP97e-z4gKEAEg8ev7RmCVgoCAuAegAeuw8coCyAEFqQLzxtyxf3CzPqgDAcgDE5gEAKoEmgJP0I7WVsBQEOO_BC74l71zY6TZj4O1g1KHtKkGAWJUPb44DUIR3s-d_eMcoy3QBSNHtqLZFqgV1WOeFL6z2BjS2YoYdbVliGDyHpFrK2HUhZx6IJMxfCRsb7tH91M0Bm8S2oen1ptVI10CQ9VFP1Se2Dl0UhTHFryLUej92DJU7bIrPMZbsFD7a0H3yQi4xS3DzOTpLuMEQ_JtNQi0rYJYC36ZKI_2genPLxAB6JIZxIF3PDym2SbZh41UAD9iWDbBxLSZQZwL8xat-B96DD8rsB7lHbkkByAwrers4K8QgKtMEKhDZiHF89DsBdQxmJ-Tx4NeJ92vwajCYXSG1B3zWKXXpZAJZ69AKmC5Cy7PTRu5oKPd3kV0LsnABN-t5eTtA-AEA5AGAaAGToAH_c6OtQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTQ4MzI0MDg0Mjg4ODM5gAoDmAsByAsBgAwBsBPLj4QN2BMNiBQC2BQB0BUBgBcB&sigh=07reDiqhWlQ&label=admute&ad_mt=0&acvw=sv%3D905%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D4082,231,4503,980%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D42%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D42%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D42%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D940%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D546415894%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636448727916%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636448727525&sdkv=h.3.488.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTQwNjgyODg0ODZAoQIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDk3Njg4MzcyCTE1OTc0MjM0NkDBAVI2CMUHEA8lAACgQSgBOgsxNTk3NDIzNDYtMUIER0RDTUikA1AAWhB6OTV3TlNaSkxnSjMyQkl3GAE.

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 3E06 26 B
186 B 101ms
101ms Image
image/gif 100.25.5.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=22Zx-fvNwpFFs8y5&instance=214062640&version=65.21.7&age=211109&ldt=AD_IMP&key=5b3IdoCM&seq=1&order=5&iu=/92056281/imperialvalleypress-premium&adX=true&lineItem=554068288486&adSystem=AdSense/AdX&firstLineItem=554068288486&firstAdSystem=AdSense/AdX&lineItemsGDFP=&logAssertiveYield=false&rmt=ns
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.5.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-5-11.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H/1.1 200
OK data_stn_l.php Show response
timber.sendtonews.com/timber/ Frame 3E06 0
253 B 140ms
140ms XHR
text/html 50.17.207.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=5b3IdoCM&ES_key=5b3IdoCM&ES_ID=31182&S_RKEY=nEINZbC1wV&USR_ID=214062640&ST_usrKey=22Zx-fvNwpFFs8y5&SM_ID=1247804&C_ID=12120&C_companyName=RISN&version=650210070&sC_ID=9956&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.ivpressonline.com/&REF=https://www.ivpressonline.com/&PLAYERWIDTH=749&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.7/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.207.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-207-51.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:28 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 0
Expires: Tue, 09 Nov 2021 09:05:29 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 3E06 26 B
186 B 101ms
101ms Image
image/gif 100.25.5.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=22Zx-fvNwpFFs8y5&instance=214062640&version=65.21.7&age=211109&cmd=INV&key=5b3IdoCM&c_id=12120&seq=1&order=6&EXTREF=https://www.ivpressonline.com/&REF=https://www.ivpressonline.com/&playerCfg=BR&alt=0&sC_ID=9956&sm_id=1247804&load=1&status=LVFNLNIY&ac_id=2008
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.5.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-5-11.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:28 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2

200

p2
sb.scorecardresearch.com/ Frame 3E06
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1636448725549&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns...
https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1636448725549&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&n...

64 B
330 B

10ms
9ms

Image
image/gif

13.225.78.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1636448725549&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=20000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=pre-roll&ns_st_ci=1247804&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1636448727994&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2445&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Conde%20Nast&c3=sendtonews&c4=Entertainment&c6=*null&c7=https%3A%2F%2Fwww.ivpressonline.com%2F&c8=&c9=
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/
Protocol: H2
Server: 13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-101.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:28 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: MOGPnU6KOln8Ru-vU_IlOH4m33mXVMCaRJmOggIdNM-BNOalKvIjZA==

Redirect headers

date: Tue, 09 Nov 2021 09:05:28 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1636448725549&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=20000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=pre-roll&ns_st_ci=1247804&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1636448727994&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2445&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Conde%20Nast&c3=sendtonews&c4=Entertainment&c6=*null&c7=https%3A%2F%2Fwww.ivpressonline.com%2F&c8=&c9=
content-length: 1192
x-amz-cf-id: _2jIdYwWAV-GA7qGKnrXz-6oL38FtAnEPWqSV76CpbW3RVvMOfGnWA==

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 909D 23 KB
9 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Mon, 08 Nov 2021 05:48:36 GMT
expires: Tue, 08 Nov 2022 05:48:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 98212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9AFA 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlD0I1zmKYaidDJidgQeVmbOADAAAAAA4AeAEAg&bg=!_v2l_bnNAAYH3anuB907ACkAdvg8WmffYvUw_AkjU8UgdY8LQff1Z-lEH-z80xZNO6574E8BzQI2oAIAAAHQUgAAACZoAQeZAzIt1_KVuNyQmfKw2TcsioPe5tqHXCeEHyzz1kUVqgeMnGFexFdhPolH_sLl5EILuxO98Vp13bM8jwj4bFqdBXTp5eXr212LC2-A4qkAcJn9Lj8RJy9Rw2s4tRJZCjzX_EG2gD9uqbMxOrPqGkcVpHgS1Q8Ar-HPBa95rxNlAqnDmQ7uh7cqz2vEdsT-gX_Cf-rhu1zAx7fkLlYK3UUIGN0XgPOZ6oJRaolMz7SLbpvljM1VNJ4uA3YuEQKQIotuR7WBStot3lyPjKRoLI8rRGqne6ATCrFCVsyqH2npok-SI4XZ0FD5VuNkKCNqom1HtH6fGIqtgD3ui8e7LN55gEJe7-QRRlf4HD63XHTKuoO1AaAX-ZjEmru16vodo9cVHuTgMrcJg8J4ho0Qtpp8erhtnX19Sz4M80njwWBMESscYYCKmRY0nv6AdmytRz7sq3wIEoGBhu0ay-Umax9vrKag6WgvBQ9tLHbxQkw9GUBgevswS-AS_uKxKIEU0YcG08wUj5O7ezkZ-E34TImL9OLq5BGr0y0f1Kaa9xTDi_eJ6ngj5WJ9xMSdmKaAZt1ibYQnfuwj2xD9CIdW5k0zLG3hVodb0Pqpv5JGbolaGQ6TqqKQ_deHQhs427CoyunLmbds8pDobVlOa6_U7XFomM3z-hg1S7Ryte6ML8qQKXprJsKhQpQDLUelgcMNMyZA-1l-v_Lon2jJWvvex0E8JxDw3bsGWX5EV0P1xuXJuBo96q7-Wc10AzIQuPOr1CKKwcICo66j4X-90InL4TO-upRC-KPpUEdHdo1LsoN2U43yTxlrjpzgkyKgdEEdfiV6CmME8d7luHap1TGzRbMNbF27L9-2e6vQTIl3PoPqObRzAeLNst2z87DU5qeGE3S1Es3LGfLV5Y_esKNe_0IIFZO02IB1vl8DKN-wtU2YNyYtVBaBVXoaRd_We-ocZqH9MCbS2kgQop1SAgr0gA8mNZDbrKMbfUjc5BEIlg0x7Asy7xKz8K3DOmlYCWNy5V6lyHEejWoQkmKkOsK44V1xcEMTI6xHLbALJ8igQjxKwJRViMFrp4eAWBL-zic4_h10QR1KhA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cr6w3YeOZbdvzGsTB8jc1jWyQH2Tx0ZUK6FFw6rgKog.js Show response
pagead2.googlesyndication.com/bg/ Frame 909D 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cr6w3YeOZbdvzGsTB8jc1jWyQH2Tx0ZUK6FFw6rgKog.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72beb0dd878e65b76fcc6b1307c8dcd635b2407d93c746542ba145c3aae02a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 20:34:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Nov 2022 20:34:50 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2611 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=3989742107190364&bg=!SkmlSQ3NAAYH3anuB907ACkAdvg8Wpt8uYUjtaoOR-jKPM7NCc-L9gAEMHjaShR65-56iEQIcXudYwIAAAGBUgAAAB5oAQeZAtkEZTcHjmrMwYyXEn2RmN2VjuZmBwSDiPb61n4-sp3fWcki6v-iko03XPDbjQ0Zrxj06zLzurqQ9r-2wyk7oQqpPvz9cRtxVGIaWtPu1IaIbhH1OKCIZJb85KoTy3RzMiJWe7Be1Vv0Bx2YzNs5VJVNm-RmkPGsVVlB9vGlOu_lpQcaBx2JyxrU2HNUBSHaYlZ38dFglXLHn8CM9bopxGQJmFuioiZgfGiHTIFnp0V1yAO3ctZ46ydcWt_el_Vbvm2CWhTubLPG6mEhJp2f37B3J6hvyI9ZpNJ_nbJfDrk4KLGmiMp023L92Hi8p6IUJ3zwsKVreylcV3dEscBJTy2s28wU1o6UGxMo0vOvy02gBEAxHJgZSfdysXG7Wbq7XHGy6M6t4y5gLXRGUHsbLl6D4jLXAER1AgSTHwKHs1Y5LoGCF3JmaaEwCybCotR1ZGCyzkktznfcNjKthOvHsttHpEHdq8IgGJp3Ai4kpif73VyGpyZRuu8MFTHefRsRz2iGvJxGscnUzcOjEcJEopSzhGkGTBdVPdTOih-UZQGGplvCH-O2QQUe07ZE01ZzYO4oY0x7LgVBfLhEJcDPOozYt-Yi0xJ-GpqE6xMr3iruzBydu7e_lws--dlm1mn0VVVTTHwIoOy9Zk_PpP6TnfTsuX12ab7ngxBk3aLc4SYNDTkH-3q8JBzXA-5BqfjKh2jCXshiHOmWMg0aQZa48TfUi-jMNIFo2guOGjutDTxEWqI1A3FquWt7nq7Die_gB3TxYh3uOZUWmhri3iwqgCjZt8RsnTc58QYnwpOl1xZ1_MAC5JBMiZeKY4x-NSy44qMvqvTWZaga3d8Kv-KPiHAoO33-xi_MMTP6ucj3LxS2rpOz-F7ftpmPzrXgZver1gFY3Aunoex8s4qpFjatAvz28fk5VutFNKvelHcJF1mgzifFaBbMxJ0v6cd4UsBZnJQlbEGrwspUwhk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=2732810371971083&bg=!VValVhLNAAYH3anuB907ACkAdvg8Wtq-htj545VxihaFihIoBplIXPLZJT3KmGoXRLq-XGHjpRal3AIAAAFUUgAAACRoAQeZAshz2h_BpiBM-oeI2xcIqs8W9VHSBlQFZDkzaDtBOhNZE_IrQXo_obGNeJy7qefEcZ6JY-40KyCXKtxBWKBCAXFhN9TzwsmEGlnP5L7_uoVSrTFxyJ-cNUiUY0L4UWcJIR5PjH-zVVijlRNCXLuAeoa-nyEVHvIywBFrJXqXMxFM41untJ8h8KEjl1cnbfuAi5o6rIqZjbqM-bYblQFCe-e_e9Yltb1b76_85XbrQAcD8nPB6Hq5L5IGyhCx2pvtdnCElxqA5OvNizq8ZfDScbIjOWHpsrbX-Cs4I2BlyK3KPDr_zGuniRZjhkvax7etl0H0huvEZSM84LLXSwMRYkL60C1gy6p8yACq99eTG-rvOivC9MIiXemvjHAJ1_ewrxGH619DNxCltd-KcgqNNpKSQebQT5QZV0VBFqfoF4avZBLNKZSHleP7RRRKtwXGXbLkrW06cNYLEcAPTaUC5YLxyD6Y813Uv2J9U9eS7oii1ysmwA-TrnZcfdpu6A9RQu5wFjdkzy-iFLpTPxwkMFFCL9IVNbLrRmUBLQsPC39s-k8coydN_xtOh7eAtBe5PFpALUBeS2-iy3cCHDcIecfBM-ZK87PN-XB9_DsoqmCxzDPHosu9swKB1PNHtU0VOHuLwYKcZWC2ddb-g7ydO1J3uREv6Pf-yPgGo-HRmUCz0DMbTQS4Z3ffUzwA40ZE00hY00IOTawQg2-oA3CFs90fHy26k8Fb2qTMyK7O3Zwrus0ZX859BGEpR8d6LKVvssQl4bTBJDK7-vbQShCjiVIGCeI9qdXOj-AbyQMvba-50jkH2FpF59KbOPCSDsVmUGHBZudl0wGSt4FaX2_7N2I-u7-CTQqQ7byOppWoAfVH2FmyIbQx71S27vgBZGPi6tUGTNMmxhvKzoOTJOVHkKG9vLL7qEBHTkxgS8KDIWtdtxLpNopr9MsO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 909D 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.488.0&bgai=BxlyG1zmKYaPiKoHBb4nxiJgIAAAAADgB4AQC&bg=!PT6lPnrNAAYH3anuB907ACkAdvg8WrwC-d7FCa_19Alss33oCimUouQxIA6xvbSyEqx_knH5w2FDnAIAAADUUgAAAApoAQcKAD3wWclIbeykR01i-fz1UpuvSupXbPICM-D7XtDuRA08W-JngKmgjyEQa7vABrRF4PaW7LI80kiTR-vbVuzumQL2iSXYg-R08IFDhW-OF3-3iH-3gjZSxIwDDZIcvSSsUpVpFWn6WLrLUJBC-z1iBpXwSXAUtJZwDmlRXic79q8shoyYdVhDKXCcHv7j_w7GSnU5MB678mPeuTSpMepIWswhIB163WIoW360pCenuMJ-EKpHpCams_odFmlLcJ4yTdFzZxCWBICxxXIQpt0TTZfqhL5j7_0umPP5H7gKQ0sdka71LHCTwl6DtHkgn8FjI6xDVbfnmEi4ag-NgQYZ0AIqfDBdi6yMhM1iTDPd154Si-YZCwWu5hc8PywyxJuW9V3dq4X79s2S-zeWOdiG23Yy7l1rmaTUcmgnF8vSyADAjBko8pLPFv6J2qGpmQSl5JbDNFv-M6eKjT_DWccDTAcoUZJWPg1-C4Xj6sOmhVskMTKAbTGsP7chlr1Bhs_mtihPZnEk1wlrBAf6m9AUzahKj6O1hhXo9BZHJliovhDRcH4jZ9e3boncgQm1gGjHEyyoJXcnMkBtm28xWqDw7rqlPooPqGTSoP_6YJjou9BSHJlQlf1roL5Z_eHspWLDOGSsGvNs-ho_0MXIPUPEiOyIfLX3-BNE8rJMD2PaHGr85eYKY1ZLU9T0IgyJ_8pDHH0KsoZHe2NprYocVWeJfGMSR9EvuoBIux2QXZoGTfbdbCZEZMAczyt5QC9AmHJT9hv9cb4JNQDBz2Nv-YN9Lr9s9moHwpCi2RJHjXC0OCQ5Sq2FWUTeWQKJ89uhGXNaOpeoWz5OWUVGEZjUI4D8wu8k6X-kOp-OiikPjzKUQOCCWbxn5n4T7ZT2cTQOsVAXKsLHGdFV_gDAGCEfFXHnX93JHsQkwfUsV9-8dZrQoXXt-M4HB8mnMeBc5p7XHOtbjDoocbIWfJ1nxDzuhSW68tMFhf_r_Nzw2mhOJC9KWanIepk11WaMIsLP_OussdPiyAo0gTNb18ppYJNg_peFGpODbXejBAglqAZo2tDoNhX2MsxRCQmpVELTaNiosSqY4V3hH-pz2U8

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 403 /
ivpressonline.com/tncms/tracking/bannerad/impressions/ 0
48 B 83ms
83ms Ping
text/plain 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ivpressonline.com/tncms/tracking/bannerad/impressions/?i=frontpage/block-pencil-one1/6c57c84e-4fa2-11eb-a84d-2309098d6c5a,
Requested by: Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 09:05:28 GMT
content-length: 0

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 2BD5 668 B
752 B 26ms
19ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4c2fa84bf5eb75d9d92489e36d8fbeeb9d713a4bffea5cec7a3ebf7a0b5b957d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 09 Nov 2021 09:05:29 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame DA18 281 B
554 B 48ms
6ms Document
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Nov 2021 09:05:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

204

sync
ups.analytics.yahoo.com/ups/57304/ Frame 3E06
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP2fb6b974-413c-11ec-930f-06c3ec34c576
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP2fb6b974-413c-11ec-930f-06c3ec34c576&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAyZmI2Yjk3NC00MTNjLTExZWMtOTMwZi0wNmMzZWMzNGM1NzY%3D
https://pixel.advertising.com/ups/57304/sync?uid=CAESEMViZ8pc-hj4hXhJJNsAktM&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMViZ8pc-hj4hXhJJNsAktM&google_cver=1&apid=UP2fb6b974-413c-11ec-930f-06c3ec34c576

0
20 B

11ms
11ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMViZ8pc-hj4hXhJJNsAktM&google_cver=1&apid=UP2fb6b974-413c-11ec-930f-06c3ec34c576

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:29 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMViZ8pc-hj4hXhJJNsAktM&google_cver=1&apid=UP2fb6b974-413c-11ec-930f-06c3ec34c576
date: Tue, 09 Nov 2021 09:05:29 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55953/ Frame 3E06
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=bf35582e-6696-486b-a5e7-1d8f7f8b8eb1&_origin=1&gdpr=1&gdpr_consent=

0
15 B

61ms
17ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=bf35582e-6696-486b-a5e7-1d8f7f8b8eb1&_origin=1&gdpr=1&gdpr_consent=

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:29 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:29 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=bf35582e-6696-486b-a5e7-1d8f7f8b8eb1&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55986/ Frame 3E06
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=YYo52QADOBiWrAAz&_origin=0&gdpr=0&gdpr_consent=&_test=YYo52QADOBiWrAAz
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YYo52QADOBiWrAAz&_origin=0&gdpr=0&gdpr_consent=&_test=YYo52QADOBiWrAAz&apid=UP2fb6b974-413c-11ec-930f-06c3ec34c576

0
134 B

10ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55986/sync?uid=YYo52QADOBiWrAAz&_origin=0&gdpr=0&gdpr_consent=&_test=YYo52QADOBiWrAAz&apid=UP2fb6b974-413c-11ec-930f-06c3ec34c576

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ivpressonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:05:29 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55986/sync?uid=YYo52QADOBiWrAAz&_origin=0&gdpr=0&gdpr_consent=&_test=YYo52QADOBiWrAAz&apid=UP2fb6b974-413c-11ec-930f-06c3ec34c576
date: Tue, 09 Nov 2021 09:05:29 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 2BD5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=79f5618a-39d7-4a00-b002-9b2d329575a6

43 B
122 B

28ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=79f5618a-39d7-4a00-b002-9b2d329575a6
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:29 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 09 Nov 2021 09:05:29 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x15 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=79f5618a-39d7-4a00-b002-9b2d329575a6
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 Nov 2021 09:05:28 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2BD5
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=qBqvuq0S8-KzSvXjrRu64_hO9L6zH6e--Em_el_U

43 B
106 B

17ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=qBqvuq0S8-KzSvXjrRu64_hO9L6zH6e--Em_el_U
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:29 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=qBqvuq0S8-KzSvXjrRu64_hO9L6zH6e--Em_el_U
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 2BD5
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2084561459374446081

43 B
106 B

17ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2084561459374446081
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:29 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:29 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2084561459374446081
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 2BD5 70 B
264 B 38ms
35ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=e40eab9e-76ef-33f7-5c3b-233337fa2cdc&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 2BD5 170 B
188 B 23ms
22ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg2MTc4NTQtYmY5OC02ZDUzLTQ5ZGItNzk4YWZkMThlMmJj

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2BD5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKn0BBG7BVP72epBjt4G9Pk&google_cver=1

43 B
106 B

23ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKn0BBG7BVP72epBjt4G9Pk&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:29 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKn0BBG7BVP72epBjt4G9Pk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DA18 32 KB
10 KB 12ms
10ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 09:05:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 21:03:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18345
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9506
Expires: Tue, 09 Nov 2021 14:11:14 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame DA18 284 B
536 B 43ms
10ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET
H3 200 dc_oe=ChMI46nuyPaK9AIVgeAbCh2JOAKDEAAYACCK85VMQhMIg8LXyPaK9AIV2xHgCh34gAXW;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D861,1175,1100,1600%26tos%3D2023,0,0,0,0%26mtos%3D2023,202...
ade.googlesyndication.com/ddm/activity/ Frame 363A 42 B
63 B 58ms
43ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI46nuyPaK9AIVgeAbCh2JOAKDEAAYACCK85VMQhMIg8LXyPaK9AIV2xHgCh34gAXW;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D861,1175,1100,1600%26tos%3D2023,0,0,0,0%26mtos%3D2023,2023,2023,2023,2023%26amtos%3D0,0,0,0,0%26mcvt%3D2023%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2294%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D482%26pst%3D487%26dur%3D20010%26vmtime%3D2204%26dtos%3D2023%26dtoss%3D1%26dvs%3D2023%26dfvs%3D2023%26dvpt%3D2252%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D940%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D546415894%26psm%3D-2147483641%26psv%3D7%26psfv%3D7%26psa%3D0%26ptlt%3D1636448730168%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2023;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1636448727525;ecn1=1;etm1=0;eid1=200000;

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 363A 42 B
108 B 45ms
44ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvyPRc3Riy-lPtkqNPQHVc0mESjb5XOdE3UNZ22L98tUDZrc8CVL2X5zhfUMbo6fc2mSiPbJu_9MWgrVlZerlxP45zL2ZyhbiNyUXbyjnJkAR6SC4RCQ&sai=AMfl-YRPzO5DusVeo5XDhHSgwDCS6rQVCLKUCF8g4BoduR2R431RODVvrySeKV9tSa585Piilmp182EzWl5DdK_5R0adLg6OKPOeexK8Q-HyNLwbyjAxJaLzjqasg_2V&sig=Cg0ArKJSzM6qZzNXcAOKEAE&cid=CAASEuRo4cMEVlAr1a2-1yU9hf8lOQ&id=lidarv&acvw=sv%3D905%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D861,1175,1100,1600%26tos%3D2023,0,0,0,0%26mtos%3D2023,2023,2023,2023,2023%26amtos%3D0,0,0,0,0%26mcvt%3D2023%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2294%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D482%26pst%3D487%26dur%3D20010%26vmtime%3D2204%26dtos%3D2023%26dtoss%3D1%26dvs%3D2023%26dfvs%3D2023%26dvpt%3D2252%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D940%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D546415894%26psm%3D-2147483641%26psv%3D7%26psfv%3D7%26psa%3D0%26ptlt%3D1636448730168%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2023&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1636448727525

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ Frame 64D8 0
45 B 15ms
14ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LM5S7ZWXZV&gtm=2oeb80&_p=868411477&sr=1600x1200&ul=en-us&cid=1750995675.1636448721&_s=2&dl=https%3A%2F%2Fwww.ivpressonline.com%2F&dt=Evvnt%20Discovery%20Plugin&sid=1636448724&sct=1&seg=0&en=scroll&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LM5S7ZWXZV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivpressonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ivpressonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B4A4 42 B
108 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8uvDf4_6WlxAY2V3gn1fJOlCsCp1C0selsog8aXqmqo_UdSp9-OPmVuqzGbkX_MgXrI0Rq0ldwIPIN5lrQWFxJKLC9mBfBwtRiXw-d_nshR9VJG_46A&sai=AMfl-YSMV1QgHlI6Qr-3Th1c7XNYpKROlSy0vMkPJAqjHi37RNpHmnKcBHyGjWcF5n7CrRk9uLiwZ6chVslBcHlH1tk_E7I1rbP3_zR-FFu2XvCusz2CTiWK_Su8rO2e&sig=Cg0ArKJSzIeXjUjHiGfoEAE&cid=CAASEuRo9An8vwz6CwgF_9pptumSww&id=lidar2&mcvt=1001&p=799,1039,1049,1339&mtos=713,844,1001,1127,5898&tos=1332,131,156,127,4152&v=20211108&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3983859211&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636448725534&rpt=1525&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMI46nuyPaK9AIVgeAbCh2JOAKDEAAYACCK85VMQhMIg8LXyPaK9AIV2xHgCh34gAXW;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D861,1175,1100,1600%26tos%3D4963,0,0,0,0%26mtos%3D4963,496...
ade.googlesyndication.com/ddm/activity/ Frame 363A 42 B
63 B 44ms
43ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI46nuyPaK9AIVgeAbCh2JOAKDEAAYACCK85VMQhMIg8LXyPaK9AIV2xHgCh34gAXW;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D861,1175,1100,1600%26tos%3D4963,0,0,0,0%26mtos%3D4963,4963,4963,4963,4963%26amtos%3D0,0,0,0,0%26mcvt%3D4963%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5234%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1097%26pst%3D487%26dur%3D20010%26vmtime%3D5204%26dtos%3D2940%26dtoss%3D2%26dvs%3D2940%26dfvs%3D2940%26dvpt%3D2940%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D4963,4963,4963,4963,4963%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D940%26femvt%3D0%26emc%3D28%26emuc%3D0%26emb%3D26,0,0,0,0%26avms%3Dexc%26qi%3D546415894%26psm%3D-2147483585%26psv%3D63%26psfv%3D63%26psa%3D0%26ptlt%3D1636448733108%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4963;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1636448727525;ecn1=1;etm1=0;eid1=960584;

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 363A 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CysUE1zmKYcP6E9ujgAf4gZawDbjs2YRmio_VvYIP97e-z4gKEAEg8ev7RmCVgoCAuAegAeuw8coCyAEFqQLzxtyxf3CzPqgDAcgDE5gEAKoEmgJP0I7WVsBQEOO_BC74l71zY6TZj4O1g1KHtKkGAWJUPb44DUIR3s-d_eMcoy3QBSNHtqLZFqgV1WOeFL6z2BjS2YoYdbVliGDyHpFrK2HUhZx6IJMxfCRsb7tH91M0Bm8S2oen1ptVI10CQ9VFP1Se2Dl0UhTHFryLUej92DJU7bIrPMZbsFD7a0H3yQi4xS3DzOTpLuMEQ_JtNQi0rYJYC36ZKI_2genPLxAB6JIZxIF3PDym2SbZh41UAD9iWDbBxLSZQZwL8xat-B96DD8rsB7lHbkkByAwrers4K8QgKtMEKhDZiHF89DsBdQxmJ-Tx4NeJ92vwajCYXSG1B3zWKXXpZAJZ69AKmC5Cy7PTRu5oKPd3kV0LsnABN-t5eTtA-AEA5AGAaAGToAH_c6OtQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTQ4MzI0MDg0Mjg4ODM5gAoDmAsByAsBgAwBsBPLj4QN2BMNiBQC2BQB0BUBgBcB&sigh=07reDiqhWlQ&label=videoplaytime25&ad_mt=5205&acvw=sv%3D905%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D861,1175,1100,1600%26tos%3D4963,0,0,0,0%26mtos%3D4963,4963,4963,4963,4963%26amtos%3D0,0,0,0,0%26mcvt%3D4963%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5234%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1097%26pst%3D487%26dur%3D20010%26vmtime%3D5204%26dtos%3D2940%26dtoss%3D2%26dvs%3D2940%26dfvs%3D2940%26dvpt%3D2940%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D4963,4963,4963,4963,4963%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D940%26femvt%3D0%26emc%3D28%26emuc%3D0%26emb%3D26,0,0,0,0%26avms%3Dexc%26qi%3D546415894%26psm%3D-2147483585%26psv%3D63%26psfv%3D63%26psa%3D0%26ptlt%3D1636448733108%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4963&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1636448727525&sdkv=h.3.488.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTQwNjgyODg0ODZAoQIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDk3Njg4MzcyCTE1OTc0MjM0NkDBAVI2CMUHEA8lAACgQSgBOgsxNTk3NDIzNDYtMUIER0RDTUikA1AAWhB6OTV3TlNaSkxnSjMyQkl3GAE.

Requested by

Host: www.ivpressonline.com
URL: https://www.ivpressonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 09:05:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ivpressonline.com/	1970-01-23 11:51:10	Name: TNNoMobile Value: 1
embed.sendtonews.com/	1970-01-19 22:34:09	Name: AWSELBCORS Value: AB7769910C09524E3F673477D3796BB23C89D09F9BFB5D4C7F8E1C8EB6D236C1CB7CD79E12C59E61EBB541A0AAA984817791847C8F393B83E82C4781D5313197A81B8455A0
.pymx5.com/	1970-01-20 02:53:20	Name: _ia_uid Value: eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.f1-BiCNKRSOpyXodoNCTDPbjPyPyZ0_sCxVjQjzwEjf7CpJtzU_Kfg.4tYaOaxq79uqPXAu.1REebReLMhFX9LEmzDkd-_1_gUYc839R-Uhu7dy61zzQZRCz6hzgHGYFfpRjuIeCHcwLEIe87UXfWwJwcqyt274XMUGJCfcaQfCv7TmNMpCITbMFIFH7ThX5h9PqUVkNuObS3jFHFg5quulbn3GXUFx-V0NJnTWi_hCDDT6jiGUCBxA3OzgV1R1d_Et1ompuzWhiTIlicJD-LVdyShv1x7MTiE3R5U2gCyVx1cYjZEsv7v23kV3LoFtqxNlBikUu_hkFtBhMRbtkLqpw2quLpXW85PzyMl674JGFgZAkL1932BMAaz96GRsOOK6PIgbovxMx5f3LXzPbsPGslpqxGlyeCBZ4np0j9xAeFvN1ij0.RrNZi6kwgUS-LBsUrUtnrw
.pymx5.com/	1970-01-20 02:53:20	Name: _ia_version Value: 2
.postrelease.com/	1970-01-20 07:19:44	Name: opt_out Value: 1
www.ivpressonline.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":7143802,"placementID":1043892,"lastInteraction":1636448720808,"sessionStart":1636448720808,"sessionEndDate":1636502400000,"experiment":""}
.ivpressonline.com/	1970-01-19 22:34:12	Name: AMP_TOKEN Value: %24NOT_FOUND
.ivpressonline.com/	1970-01-19 22:35:35	Name: _gid Value: GA1.2.1694545836.1636448721
.ivpressonline.com/	1970-01-19 22:34:08	Name: _dc_gtm_UA-54716522-7 Value: 1
.ivpressonline.com/	1970-01-19 22:34:08	Name: _gat_UA-40003229-3 Value: 1
.doubleclick.net/	1970-01-20 07:55:44	Name: IDE Value: AHWqTUlgKqEQSFSDGhuQ0ja1Ht591ZgnvI4hbMrJqC0Gd8YsTk_zrL3DwS-nNKq_O4M
.adsrvr.org/	1970-01-20 07:19:44	Name: TDID Value: bf35582e-6696-486b-a5e7-1d8f7f8b8eb1
.ivpressonline.com/	1970-01-20 07:55:44	Name: __gads Value: ID=855c6868de9abe31:T=1636448721:S=ALNI_MbLUAdLJzXhpbH9__Uq67eNW75sGw
.openx.net/	1970-01-20 07:19:44	Name: i Value: 37a294c7-df68-0c00-06ed-ebdb53dd1f21\|1636448726
.ivpressonline.com/	1970-01-20 16:05:20	Name: _ga Value: GA1.1.1750995675.1636448721
.google.com/	1970-01-20 02:57:39	Name: NID Value: 511=DtI7BPYDiraOWH7Cxd75YRA8ofParNchQ1qahh1gCSrKT3Q3xFVpeL-UhMtwUCbZIR9vN-O2tgMNKm_e47QwH3W4PU7CN4cTH5hwRwEJnowstzaYnpQSKlt0cdpgMcIQUIfN5L3lWfg4UUEfczHGMfKWwTwCT9FMnHICQyM0aHk
.ivpressonline.com/	1970-01-20 16:05:20	Name: _ga_LM5S7ZWXZV Value: GS1.1.1636448724.1.0.1636448726.0
.adnxs.com/	1970-01-20 00:43:44	Name: uuid2 Value: 596329974658260716
.casalemedia.com/	1970-01-20 07:19:44	Name: CMID Value: YYo51wFwYgY8eNe3T6xw1wAA
.casalemedia.com/	1970-01-20 00:43:44	Name: CMPS Value: 5232
.casalemedia.com/	1970-01-20 00:43:44	Name: CMPRO Value: 1114
.casalemedia.com/	1970-01-19 22:35:35	Name: CMST Value: YYo512GKOdcA
.casalemedia.com/	1970-01-20 07:19:44	Name: CMRUM3 Value: 2d618a39d72760CAESEJkyjME7lfhd8d6lvm3ur-0
.adnxs.com/	1970-01-20 00:43:44	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVUv<J79!]tbPl1M>e)ZlrFUfJ+tGXxpKUd2NR?VtK/^i>Xf^zfE(_BnP!ZsmzS1xkmsbpRzqF1`b`7C=:I<
.3lift.com/	1970-01-20 00:43:44	Name: tluid Value: 10944282861250629356
.bidswitch.net/	1970-01-20 07:19:44	Name: tuuid Value: 4b9f7a20-1c50-4d8e-b9cb-5265dcaf1bd9
.bidswitch.net/	1970-01-20 07:19:44	Name: c Value: 1636448727
.bidswitch.net/	1970-01-20 07:19:44	Name: tuuid_lu Value: 1636448727
.mathtag.com/	1970-01-20 08:00:03	Name: uuid Value: 79f5618a-39d7-4a00-b002-9b2d329575a6
.mathtag.com/	1970-01-19 23:17:20	Name: mt_mop Value: 4:1636448727
.crwdcntrl.net/	1970-01-20 05:02:56	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:02:56	Name: _cc_id Value: 3f47f537e9363e5aec5dd12a77f711ed
.crwdcntrl.net/	1970-01-20 05:02:56	Name: _cc_cc Value: "ACZ4XmNQME4zMU8zNTZPtTQ2M041TUxNNk1JMTRKNDdPMzc0TE1hAILELsvrIBoKAFyZCxk%3D"
.crwdcntrl.net/	1970-01-20 05:02:56	Name: _cc_aud Value: "ABR4XmNgYGBI7LK8DqSgAAAYSwH8"
.volvelle.tech/	1970-01-20 07:19:44	Name: ouuid Value: d04508fe-3e9d-4356-9428-199f2bf3a8e9
.volvelle.tech/	1970-01-20 07:19:44	Name: c Value: 1636448727
.tribalfusion.com/	1970-01-20 00:43:44	Name: ANON_ID Value: a4nseFSZdIiiSTnMSYlkhxi0ZdnfpkYoAoxgZdpvZaPto108bA2bYbsZai1kd5RqNnaM7gpuVyZcRfUd427nq3LJpj
.volvelle.tech/	1970-01-20 07:19:44	Name: ouuid_lu Value: 1636448728
.scorecardresearch.com/	1970-01-20 15:50:56	Name: UID Value: 12JIDYWWAVGA7QGKNRXZ6Og1636448728
.openx.net/	1970-01-19 22:55:44	Name: pd Value: v2\|1636448729\|gekin0vNiygu
.adsrvr.org/	1970-01-20 07:19:44	Name: TDCPM Value: CAEYASABKAIyCwiCnaHw2dqROhAFOAFaBmFkYXB0dmAC
.advertising.com/	1970-01-20 07:21:11	Name: APID Value: UP2fb6b974-413c-11ec-930f-06c3ec34c576
.yahoo.com/	1970-01-20 07:20:06	Name: A3 Value: d=AQABBNk5imECEIdc4x9wn52pZiQbyzCC4j0FEgEBAQGLi2GUYQAAAAAA_eMAAA&S=AQAAAqb-GbYRCwML3HK1mvgEGLE
.everesttech.net/	1970-01-20 07:19:44	Name: everest_g_v2 Value: g_surferid~YYo52QADOBiWrAAz
.quantserve.com/	1970-01-20 00:43:44	Name: d Value: EPkBDAHXJIqsMA
.quantserve.com/	1970-01-20 08:04:23	Name: mc Value: 618a39d9-ab830-8fece-40efb
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP2fb6b974-413c-11ec-930f-06c3ec34c576
.yahoo.com/	1970-01-19 22:35:35	Name: APIDTS Value: 1636448729
.analytics.yahoo.com/	1970-01-20 07:21:11	Name: IDSYNC Value: 187s~21fl
.adform.net/	1970-01-19 23:17:20	Name: C Value: 1
.adform.net/	1970-01-20 00:00:32	Name: uid Value: 2084561459374446081

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.ivpressonline.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1636448720105160012001532151474815&tnms_dt=ivpressonline.com%20%7C%20Your%20news%2C%20our%20passion.%20%7C%20Imperial%20Valley%20Press%20Online&tnms_upage=1&tnms_do=www.ivpressonline.com&tnms_uri=/&tnms_ref=&rt=1636448720114 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.ivpressonline.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vpuri=/&tnms_vplen=0&tnms_vt=0&tnms_vid=1636448720105160012001532151474815&tnms_pdt=ivpressonline.com%20%7C%20Your%20news%2C%20our%20passion.%20%7C%20Imperial%20Valley%20Press%20Online&tnms_dt=Untitled%20Document&tnms_upage=1&tnms_do=www.ivpressonline.com&tnms_uri=/app/pressreader.php%3Fivpid%3Drefresh&tnms_ref=https%3A//www.ivpressonline.com/&rt=1636448720892 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.ivpressonline.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vpuri=/app/pressreader.php%3Fivpid%3Drefresh&tnms_vplen=3&tnms_vt=0&tnms_vid=1636448720105160012001532151474815&tnms_pdt=Untitled%20Document&tnms_dt=Untitled%20Document&tnms_upage=1&tnms_do=www.ivpressonline.com&tnms_uri=/app/pressreader.php&tnms_ref=https%3A//www.ivpressonline.com/&rt=1636448723704 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://ivpressonline.com/content/tncms/ads/block-background-ad/1.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ivpressonline.com/content/tncms/ads/block-leaderboard-bottom/1.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ivpressonline.com/tncms/tracking/bannerad/impressions/?i=frontpage/block-pencil-one1/6c57c84e-4fa2-11eb-a84d-2309098d6c5a, Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

86d9fe17ad8913f96795d1e3e76e6c24.safeframe.googlesyndication.com
a.tribalfusion.com
a.volvelle.tech
ade.googlesyndication.com
ads.adaptv.advertising.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
antifraudjs.friends2follow.com
api.pymx5.com
api.rlcdn.com
apis.google.com
as-sec.casalemedia.com
bcp.crwdcntrl.net
bfa5bbb6ca60f122bbb83a79f683da35.safeframe.googlesyndication.com
bid.g.doubleclick.net
bloximages.newyork1.vip.townnews.com
c1.adform.net
c22761105b12bd9982de64b7588bf819.safeframe.googlesyndication.com
cdn-img.pressreader.com
cdn.jsdelivr.net
cdn.prod.mktg.evvnt.com
cdn.resonate.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csi.gstatic.com
d29xw9s9x32j3w.cloudfront.net
discovery.evvnt.com
dsum-sec.casalemedia.com
e44dcf66a235fce449272c763b2edfc2.safeframe.googlesyndication.com
eb2.3lift.com
ecafd18a3ea3b8148b2000f40512e14f.safeframe.googlesyndication.com
embed.sendtonews.com
eu-u.openx.net
eus.rubiconproject.com
evvnt-api.global.ssl.fastly.net
evvnt-plugin-proxy.global.ssl.fastly.net
fonts.googleapis.com
fonts.gstatic.com
friends2follow-us.s3.amazonaws.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.sv.rkdms.com
imasdk.googleapis.com
ivpressonline.com
jadserve.postrelease.com
js-sec.indexww.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
photos-images.active.com
pi979-10rsz.ads.tremorhub.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
platform.twitter.com
player.sendtonews.com
prebid-server.rubiconproject.com
production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
pubads.g.doubleclick.net
pymx5.com
r1---sn-4g5ednd7.c.2mdn.net
r5---sn-4g5ednd7.c.2mdn.net
s-jsonp.moatads.com
s.ntv.io
s.tradingview.com
s.tribalfusion.com
s0.2mdn.net
s2l.sendtonews.com
s3.tradingview.com
sb.scorecardresearch.com
scontent-iad3-1.xx.fbcdn.net
scontent-ort2-2.xx.fbcdn.net
search.spotxchange.com
securepubads.g.doubleclick.net
sendtonews-d.openx.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
syndication.twitter.com
tagan.adlightning.com
tags.crwdcntrl.net
timber.sendtonews.com
token.rubiconproject.com
tpc.googlesyndication.com
tracking.friends2follow.com
twemoji.maxcdn.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
widget.secure.ownlocal.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.ivpressonline.com
x.bidswitch.net
yumasun.friends2follow.com
z.moatads.com
100.25.5.11
104.111.244.56
104.18.12.242
104.18.131.43
104.244.42.72
13.224.186.41
13.224.186.78
13.225.78.101
13.225.78.26
13.225.78.37
13.225.78.47
13.225.78.59
142.250.185.130
142.250.186.130
142.250.186.66
15.197.193.217
151.101.129.194
151.101.130.49
151.101.193.194
151.101.65.194
18.156.0.31
18.197.47.23
184.31.84.150
185.29.132.241
185.33.221.90
185.64.189.112
185.94.180.124
192.104.183.109
2.16.186.232
2.18.234.163
2.18.234.21
2.18.235.40
23.111.9.57
23.79.143.124
2600:1f18:612b:4200:f618:eaed:4120:e6cb
2600:9000:20eb:9000:18:a82e:7180:93a1
2600:9000:21f3:a200:8:4487:bd00:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:125e
2606:4700::6810:5514
2606:4700::6812:acf
2606:4700::6812:d05
2607:f8b0:4009:81c::2003
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:16::6
2a00:1450:4001:16::a
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a00:1450:400c:c07::9a
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f027:212:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.120.169.248
3.122.136.79
3.217.216.1
34.120.133.55
34.96.74.203
34.96.77.232
35.210.178.101
35.227.203.93
35.244.159.8
37.157.6.241
50.17.207.51
50.17.208.58
52.207.5.56
52.216.99.139
52.3.82.27
52.57.255.59
63.35.242.195
64.233.184.154
66.155.71.149
69.173.144.139
76.223.111.18
009bf00d3831fb62595adb20e170ed288d8a157493fb6028b1888b05875ed8f3
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
0231c9b6e4ca8b4732855b335f2e8e90ae1847faaa79b1c9237cd71c71fe0b85
025b0513b3f42471d06c42668a83e9d2fcebcf267fbb0895b8cb9114511662a6
02afb851366af6a34f39ad3b7a986517fe0071e4b55181661a37f13e4d804dc0
047618e600d04061273b2949130cdb35481b8caa8cd37653557805c452bfb35a
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06c4cf51e21b3c2fc932ac10219f1b2e27d6387d7db1dc4665506325ecd6b9c2
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be94cf5f4248f382616d037d14983bb51168a7d166bffa57bf74084050f7af0
0ca25a5e5a63db64127da8be18cc390fa09e78b2619763dab21d9ae65ef28418
0fa2a0d4c1af0c005d7123c36321950270637b976fb8d6ac7e103d3c70f0c02d
0fbfddc47cb9911b7a5e9c519c314c9129b03e82504e1815ae3f1afbd4a58b0a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13aebf2418a90a3a408fd528fcf45f90027657e5db7cd180312135b639da37c4
14d8649633f5088f68ebf1993c0a86ad25507d9f951f795839f3a5fde069aae9
1518d6b3f4564b45fbfd24f6a4e4099535c383de532dbdcb26606f0aa565ba00
162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
1cd4cdf86524f2db7714cae7be98840ddd007796e0abad57e999e8ccbe66fb5b
1d08186d26c440375e0f6a03ea56ede4ceb2ed87ff149c6d61c04bb186fe28e3
1d13f3ca71d7f8936fa6132de0d7b79b479d0eb9615df43fde4f31b2d43c79fe
1d2c8b307795d82508b6a20926ba598fb16382f3badc56476e579563d39d1177
1d2cdd4b89077b34c4f0b880c44a410ff9800fdda5a4d4b83c995bd921f13a86
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
1d6b9def25663bab45e8cffa49ba5a9a995ad73b9294efd1f9938257df5c8427
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e505a5909b472ad9ed594bdb44af9ad3d562ebfb2df5a9cb1b8dd4cec97991a
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f57283f1effa064246ba12189917ca27257218dc007962791c399a067753a69
1fcec0581d2857d9dc85fe4d13140700561aa9afa754650f2c4d934313694646
215982cf60dd294bf859d43f68ec642bf21077ea13bcc2089f9e106cd2d16381
225d2e82e0609fd8ea6f41b4596631e2eb125c4ee951202b94ea31af75585413
226072d2c12954b9e849558b9e637e5192cea9a8524ec0040e4cfa5fc883e63a
22ec5e6c4f0745076b79a07bf3accbdb29633457a8ad716ff9cdbcb36b8bd493
236d32649a6a56afe4dd11c53e65983f81564acd982005f61e8931147488ae93
23db48699ea20c5696927ce049e6d4ab44a23a0206d6d3b2295183571ea82cc8
26db5f30ed8fc573894662c75c70966bd6a2f6996aabbeeff145c60d7d545cc7
28ed0e436b66326d203d34c131b22c2808c9b7eec6f97f0e9fda441d7b33b129
2997eccf5a672d24169a4135a230358e193bb6596942ffb194b58c7f18069b8c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2adfe9dc40a9014c9c08d685cef24569f2b21740242a8a411f0e299b36a6d7ec
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2bc8f9223c8122e13f990143c9bac465ddf26dd65e18d33bef5cb11552df9541
2c347d58c696d6e371b92485f7705ffe574ed5eff3758f6fd919e6241caf19f2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e050b7f1da783cce5a7be35e632698dc49ca9013802a48414f080cc861b4574
2e125e3760778156c5d10a0aa1d97e056b9fdc66d6c907a59d8627158e83c3db
2ef6098b152764c985338092267e7207676c7040d8f12187c4a9b419f1d41e83
311f39d523efe3d8eed0bf2bda6c76a4716b94c80c233bcdce177f1516693dfc
318d11a9d586ea98606797e830c421c3c995fce634456cc8ceb07017526762c2
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2
34f66e0da13cae3e47b11da471fdf881280333b3ff2583611715640656b338ab
3520224fdd33ef40a4e408962cdd52d34a8109d8d9128e3bcd7d534a289bad46
35344c8fadf8cc7e65b9adc5e6f8a6ebaa48548dc006d8066052775b3e209310
35723694d7d1f70e33125469a3b45d97364d5f253f41d730cd2e598ef79da70d
36985c6b5278b4c52916d3ec0b88582e92c3323083b2ec99c1ffbca3c93a2df3
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3be85bad3a3e487735dc0beea94a98820dfb19623ad6aec0513017c9984311ce
3c32fcaa22c2178b3c28ca8085bb1f30f7b2f6c0fdf5db53422ac28ad6150209
3ebd026647714647aaa1e9ce958a12670dee2ff940ac4b334d2d718f780400bf
3f695f2b830f4b69ae5d83f2a4517406ae1eb98116a1331b3cb80db8e8903f30
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fffa3b1ac035b49a95a182e4750479784d527070b6908bdead16bc7f5b88759
400d415e25e3c2b6d990376f5b1b73e91a4ada0f82098f11b71b644773528907
401648263b2e824940392d7846ea093e62d13ceaef308d854696d839d109fdb7
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
4329ee5a90afd8ee0de17df581b8ababe5591352f8f0001e6e4698a74d6e5ce3
434d4db25756da97aa600da947c206517beaa96d4a4d4fa5b681d3531086220a
43ee53d296fca70608f19eeda6e438cc099816e1c258e220a408ece7f67d7b53
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e27d81b5bf65b30534bcf5c53c30061a9ec2c4ae24d697d195c9a8612f62ab
452b3ada7841bf0ac5eeed2f45a2edc37cd33d2e7cc57ccb305ce913e1cbf354
45a44547bc03bf28eef08b155e355f497ca18ee852614d0dc602b91e20c64512
45ec55bd4a377302bf3feb709fdb93b9fc194ab2a773ad943478119849f1f161
479789ebc7c7b79e6b0a3cd5769880403fedb19890b2c1a959cdd9a400f90db3
484cde3921913e7b956c9bbb0e78e27db0da78bb5b3e51eb5c148aa88bbd96da
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
4a9732d23296237036ee1a40b16aa13d6d80f933e783c3b86f543504b34b52d1
4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9725e198943fc29b22ee3fb85a811bc403cb56a8ae779382037d34b1e1d2b6
4ba3590e83d4ea197a7aa2e905f25ab081f363477ab25aaf969907a424109224
4c2fa84bf5eb75d9d92489e36d8fbeeb9d713a4bffea5cec7a3ebf7a0b5b957d
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50116d41b407de807d4c5a56cf2dab8537efefb467e30851e84940e0911a3b4c
5038731a27411c5a16d3a739729c2d1aea41d51b9563cf9962d727645ae88039
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51bc56c5805e857f22524324bca4efa38ed252117a4e54ca0a01f371ca3d6e10
52eb360e2e064f736f98b74928e0978eb1665f6ba9afc443530c6d8c9660398c
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
54b2da6553a5856250ebb2a37e247af42e5ba7dd4c7c9a11aac6fe0eeed97d55
5633b1de3e377c75761bb451d5fae5e0d8f5f2322ccb760a98d564aec84b0355
5665f8390a5ed541cbfd66da58c3212dd18a200dc62a0bd6096e9d9cfd3da9c7
572a200079c83ed400552645301279634d74ae2f55f5cb91a6a8337e8514e7df
57ef78316a4d7fc739e9680ed7067e21563c455b340b3c389347831d1bc20d79
5a3d06d1b1f501f2093b356eda8275778f948abbf611429866909e5589f12b46
5a57cecd2bf4d6d3b8498c67487333f6dc9e102371f5e48ffc7fcf18a6e8487e
5da3370ea81bf9fec16d0edc044663f919e8662c07c1d9e1e346c139f3e3aa0d
5f7524c42177b76a0a1421e6ac5998139717d35dc8bd4485681881c03b81f60a
61272354c450141b08dfb8d1bf7cb6d67e8e4236f605074ccc86c89749f7249a
62de8fc1fa7c72af394d07521d1a68b2138c8aca8afd021ecdeec63646446e6a
63c532c87ea8dcea9132f76536342b6b2cefcf2804dd3e32c475329b2e6322b6
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64fa10b6737bf2104e6b7ec815ae1e800685e5cc18cd4f20bdc6fc537db20532
66285ad214dc3ff02d492dfa93a49b59b8c22de916b23566a94289b2dea89244
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6aa550ecc9a1578c31e2a9c63af480bb38c44fd93f88c3d76ed9d035e2904fb1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cab9f44156fa2f5bd5a49775f40ea75d5b4d917c713a341267d48cbed0b725e
6ebc64cc3d49d9284551c4d004b1871d23d90c48a2c0ec76a2cb2eecc0296e77
6f4c7baf55e7c028d298c83e4a92e38dd451d5c025ed77ddc4703f4e0fb66253
70a794340737b2799b56919e27e430ba9c576b8484e8d93f6c3972f60b423f04
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72beb0dd878e65b76fcc6b1307c8dcd635b2407d93c746542ba145c3aae02a88
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73bda56957a43e625f343e32c6eb11597232c2f315e3996f295ffde602a92d65
74aa6fb66a0a982cf50725b974770201327b4916552e4b4f6063a466d3dd06e2
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
760220b8d9f6676deb9839eb92c83e7e4bfc9e7c119e2fb63fd6aee36933a050
7643a35f53d1bd927e1fd7c716753117a18ce87351cc64093d016cbb21519071
76844492baae9acad7de5a10b830bc7a22e97852a4a4859866104e84cf973b05
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
775d7b20c1c98d122af38bb02e677e0e913e9eb303c19bdaa950e434916d4fc3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a527230d3ca129b0fd199db5340393417d671facbfa208004a7b91fae3773a0
7aade7eedd849f0706724b0a7b2ce6893d982c04fc7346b3358a8888ce537075
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7adc0e82d10de0c5af74d068b95973ff1528ff242d6e35390d3d5ef718291471
7b3c089fc040b1517f0a6487d17e2e37325c33fdefd672cd0077be52c0987091
7bcf302cdc92fc3043cd1db9a8d97c97e9477da1dc8cdc3d202c6b4f4287953e
7ec48a60849c066e9da617d0db011a6b4d70f743d6295cabdf1c38e5e4de5fe7
7f5974e4326c6420be4295ea9766ca4ef7d466277c1982e0ea202cbe5bae20f7
80911df7dcf2e2763e6fa09fe379b2478a74cc43edd3c4f5ab4c025b008f901a
810ec545d51dad0b1ce64ca043bf3ac3c7cd3f72ae6f9cefdf3d4bd4f79c5021
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837d4d8179f76dca110ff2e07c1b228d8c1c9684bb147f793d1357ddf3922c00
844c9535c425c88fab1d4a5315fdf3e32065674e67f45cc2d76d51e80ca14bbd
85ced8d3e004479b8f2fe0768cc517406f1d9326e4413702d2d1249916d3115b
86e5f8e70584839d99ec3cab0bbac8fe4c53e5e143cd0c0b4c2bed47d31e3406
872d1c632a2411cd74430a525e538f4348fe0e8307ffb9010282a82a957d4a2c
87b11389685f99baf3f7685bce4814a3a511dba56edfa5a07d900893c1d79acc
8888b39fcef68347451a49b9c12fbd7f5af165a42f289fbeef6c4db2f8a33228
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
890063f6bb70a1ab4d3c254afac38594b10fd574b73b1d05fbf56f4986d4cbe1
897682171454c25d32059a155b4df931eeeb48edea964dc948a464fdb94ae6f8
8ab5b0ad63a66822cf078261c09657c1571d0dd3253da9a2cad6ca468dbc96da
8d398fc3a8582a47fcdeb03635707786a223d1e90c691f5b8f6cd5e729b34c06
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f4ac89616fb3d9307b3c8f296a377d012e85bef2c5e3a1dd9fa7c76608717f7
92e4cd8f6651f2914c5ef95e02ebf636c63353bc3fd932f412b4661c71e7517c
9333d900e7e2187b8df9db60653d79a67670d7456a2ebde2af3ac6c1849a50a7
939ca0c5c9dc8cad1c5583c1c07552423392eb260f868ebf5a72444b68990263
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
9476713709bfb2efbef10bee7267250bd6ef908f0f31927fc3f55d0d801a60d5
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb
963b5764b123f405f1d78d80c1f9142f941fee022becb1588be2a70b20324329
967c00071fa379622aedf84e215f7fe3fc73a7bfe167ecbd246e613cccd68326
96a0458a087631c064521a48814af5e10aa1798c2affbeadf0d089e90d649bad
971842b80b8d4e847ed32adf3e62de2cf6e8cce9080d54321583d6d524de0f6b
9790cbfab8e909c15135881c2632cc82cc2f4acdbb629263f3327d7144a3b479
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a60e0a34cd16934f8d62a6722a1e74d229e7fa228247d44dfd531d1892f8f84
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a16cd44bcf5702060fc3b977d6a94a30f73af759d6a542878571f3eeb6c4e828
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1acb4756534546c8950f578fad2a9c92ab61fca9b409eae59fc825b75adb595
a32f96169d003505748a3889087e883ff705f856ccc8daa0ddf02b9a8deeabbe
a39eda347686aafa3e647b50b8bf348c3719167d31a7ed87bda251ee5a6685f0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8aa3b08fc4674f7e4e9a77dd76dbc31ab395915286bbeb69805e03537cdbe01
a9ded656308bd91a77be9ad1188218dd4dfd4b563404a79316f7f926830c34ec
aa3b0b0b923bac2349785995c9658d67ebd1b17fcf15f250ad3caea606c488fe
adddf67e951bdd862698d47b291241fe2c63ab0831647afb27d20eb7cc0eaa29
ae02857f28bbbb4aeb738bbf4c2f8551656b9793dec7c32968b307c089d2f8ea
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e2c3f1e2de355bf301f703cef723683a2d5950d99055a19ab46aa1c7126184
b23fd27b8f625985e5d80752d9960a82179eab59fa5a763e1ede26412295e052
b3a231bc368c20f4d29b1e6428d691c29f75988863edb8b020b76df83f55695f
b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8
b413ad609477ce49010787e45a510e49f64bff990ae2430f601cbe1b583360b7
b4151499f4ef86a17651977703e3b570bffe8e23e6fc3fcb3f2573cff4bd332c
b62b287de1e0fd1feb43b086475757f655527979073fa635983296e34d7779b9
b67aa0fd43be8390f5936335aae9271dd3c0ff035b62cbe23e5334ec28d2d3ab
b7f021001451b555e009a3b13d67257f8af9fd27a3965add14f2df508ecc4591
b82045cb509889df5348ca3e5ec5fbf2fd5ef05a078f09250995a55e299542b4
b9d9f81f6230131781903db92e1e109ce7635fb4ce64a6e784bc26cbd0655008
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
be5689f0239ead97ff18d82b5540700dee8b757a57937fa54d59d8278111ae50
befee8188f3d1a2c4ca0ef95bfc9fcf0c4ae92bee5a1db220ca8b942a5686de6
bf1eb99c30d828154b1f083be6b4bde59bea2d9566b481462c642851991b16e3
bf2bcb5727a3971306c7c5f676a290ead444c4712f4feba0fbd4cfc6b33e683c
c11e882a2065580fb33017bf72ed807057cb89ea3887c16fcc12108df0006c94
c14282fe6e383dc0f561d1406699717354e183b5256507d00cc770e8e3a7d6bc
c20ecf3d72872c0778ebe15048722bb92fcc0d17af7c45c3ae22e1995f241ecc
c23ef9aa4603538d4710afa4e29284a60ad8956a8b8ab76236def69c97c31a7e
c3eab2985e8e3a8e62d553fdbf3f0537d3133afbc1d635f2330e37e5ae2bfa34
c4cf677c3902843afc625ad6b447a14e8f843add534bf1e284695a7a6d6b8107
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c72048d0852c015fe512c31a836d82eb13b539fd1e37e00400312ea330f5e39a
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c96243483fe1107223c07f837885d057ec2b7515e349bd51523ab2ef6666bf43
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca508bb8d27607a13ebcab6dd5266f8de233bccca1c3add8323138b5d7f5fd7e
ccede6178ee9ff1246a2198c756e6a52cac10a731deec4ee18eda81d241bcb8f
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
ce1aca167efbc21d5b4054402eb6dc9b7d203cb5eb8047d2dce6660e7ce0dae6
cea286d53c1f5a24eab31c051f1a0cfcd00b7c1752a42dedfa0a91f0c2135fcf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e5c8b2e4d1c580ee976bb182f0f816552a0c21a45e9577009d2f2da474f75c
d1652b7f1cdda02b3df9ddaf55c3bc2ded4c233a0734a053170dd224e026fbf4
d1ae767091c1aff1362e6ed8c39903df136a7286041b87b6d960d527640eec58
d2c2161d216b3f6f05411fb2ae1c43a501c51f1763c450326757baad4af344ca
d2ff840fef9f3ca193c2aaff44980269c4cfae8a905c6b994790444519c0b368
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d38c0da4d418599962e31da22bdd1d8f51fc2c3bda4b08a897ab53f75ca3df5e
d4af9c39984dc2f8903ce991779325742d0c8e8cd10af0f33f9c0d7965464ed8
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d8371d564e0aaf8c705bbba87f1bc467edbaacd990df60bf8517bb29797b3a1c
d8cfae2504081bde727eae60ac5f3f199092eee7942a10627f5eb07ee2414514
d94f39a95c4bb5cdc047e37535eab9c019fd7ee4e0ce40163bc2ee241eb2bf5e
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dbd891809f2d01dbf88e24fbafb8edad1857256bdbf339cb8d3782fc22bf9336
dc7b85cfa9aabe6b00ca32b83db57d2d4fe47ac72811875182b929e48b1532cc
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de71fa7acfd31b2b19a4ee556a3772b9c6fe285606ba65830037a3e0670c3bd5
de7f3bda6a530672b8af4bf3f4900a7bfc251ed938ad142be955d8800c96148d
dff15e07af8f0ea2fccff57d665d0063fd34750f00b28209c07a9dcd92ed0184
e21aa289818ac270e2647b8f04a0b04a78716f57797940f6fea477c6d03b7e56
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e976d5f8812663b24e4a069f1dbf2fa08738fc2a06f496414946c37f929659a0
ea6542fe9043cfeaae61271ab38800733059867abfee9f23c1296059b7b4be96
ea87d66514e6957a76b4cb3bcd3df768f04487e2f3e0ce52b72c9027821b7b51
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
eba39017a763d5d7a859793682beb9144f6ce8a790a8e4f1ff7da5471da3f3f4
ebf16e943257b7a1752da8d064e8b9fce97a82eeb2897defcc54072462099d26
ec75f5f81f8d9976ae985ba86f53f9a069e44f1ee66bc3595f97801abf582b3f
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1cc39cd5dc730ed72fababfa54b68f4b1553849bbd54ee5a1f043724534bf2
f01a152d4aa0862afe02b153a2b6d69680f7f16d8f62c60182188216c59a5dec
f179d9e9a27b609a2e24166123c777dc60d125cca6fcf6fe8b2c8e2e75013881
f17fad97258db1151ee8f116af97d28afb8ce82bf68319371bb163b9a0805419
f43581454cc4d007baf49f3103c8b754302a7ce5a097f1ef6648a7d1fab3d73e
f5be8b92b29c52a5bea3d797b32b39d52b77f318cf29065126d13e011146fbb5
f60f12191feafa6f59149b1d96aacad277e0ae54349122f680fbe2c4e1b4f92e
f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020
f7c6374ee30be6b88d8369853f1d03b6f0f450f59b09c2dc515fb0985d356694
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
f8e0171de29a3d701fb31457f09c5d5b8e703e94d5d654399554b8b67efee07d
fa017661d5cc9c4f9ef638ab2dc780edfa9bde81a4a3a7f320a1f2768f6824b6
fb615c15fbd11a27f2e696b5c47337babd4b1bb7e5abf76b8495ffbbc5f9772d
fbce4577dcc6c226fac150424019abb9177d3f5c5ba44a14ca371f53132acfcf
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a
fcc3cd46f745cbdbf1e4f3da81126213863e8779f4736142c1c424fbf455945f
fcddb01854139eb257231ab7cf53828c4271e22b6de566e51486726ae97ada0f
ff716a78fce900b05ead7869e091cb310184cd91cda1358cbbcb5905918dbe38
ffd04327d934fdb328ae34e43bef4dff355ac07f6346fee7a65d736896b99e0a
ffe3e81abfe1b82b22c0afec5ceb1400456a6c4d6ecec4f94ef6f5da1e74e666

www.ivpressonline.com Open in urlscan Pro 192.104.183.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

484 Requests

95 %HTTPS

38 %IPv6

59 Domains

105 Subdomains

79 IPs

8 Countries

10434 kBTransfer

19994 kBSize

51 Cookies

22 Outgoing links

Page URL History

Redirected requests

484 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ivpressonline.com Open in urlscan Pro
192.104.183.109 Public Scan

Screenshot
Live screenshot

Full Image

484
Requests

95 %
HTTPS

38 %
IPv6

59
Domains

105
Subdomains

79
IPs

8
Countries

10434 kB
Transfer

19994 kB
Size

51
Cookies

484 HTTP transactions
21 data transactions