all-news.co Open in urlscan Pro
5.189.131.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u4152507.ct.sendgrid.net/ls/click?upn=7Bnok9b2uoSEcg9WheTyKOASTh-2B6TgHSZcjriAbyURKDp1k6tl1TTKk4mhYOGERzF35DR5q4yZXReGaD7...
Effective URL:
https://all-news.co/
Submission: On July 03 via api (July 3rd 2023, 6:46:38 am UTC) from BE — Scanned from DE

Summary HTTP 217 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 30 domains to perform 217 HTTP transactions. The main IP is 5.189.131.58, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is all-news.co.
TLS certificate: Issued by R3 on June 27th 2023. Valid for: 3 months.

This is the only time all-news.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.122 167.89.123.122	11377 (SENDGRID) (SENDGRID)
1 1	185.218.124.16 185.218.124.16	51167 (CONTABO) (CONTABO)
1 31	5.189.131.58 5.189.131.58	51167 (CONTABO) (CONTABO)
12	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	52.84.221.76 52.84.221.76	() ()
12	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	52.94.230.46 52.94.230.46	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.23.225 108.138.23.225	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:1c00:1d:d7f6:39d2:2dc1	16509 (AMAZON-02) (AMAZON-02)
1	52.94.225.95 52.94.225.95	16509 (AMAZON-02) (AMAZON-02)
50	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	52.28.152.8 52.28.152.8	16509 (AMAZON-02) (AMAZON-02)
1 17	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	52.58.132.185 52.58.132.185	16509 (AMAZON-02) (AMAZON-02)
2 2	3.124.223.95 3.124.223.95	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:90bf:1892:a2de:b1dc	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:26::6	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
217	28

1 167.89.123.122 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net

u4152507.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.218.124.16 (Düsseldorf, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: vmi1333123.contaboserver.net

185.218.124.16	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 5.189.131.58 (Nuremberg, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: vmi481268.contaboserver.net

all-news.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.221.76 (United States)

ASN- ()
PTR: server-52-84-221-76.fco50.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.230.46 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.23.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-23-225.fra56.r.cloudfront.net

wms-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:1c00:1d:d7f6:39d2:2dc1 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.225.95 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

fls-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Mülheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

at.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.152.8 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-152-8.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.132.185 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-132-185.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.223.95 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-223-95.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:90bf:1892:a2de:b1dc (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.38.120.206 (Hessen, Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:26::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr1---sn-4g5lznls.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	803 KB
39	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	319 KB
31	all-news.co 1 redirects all-news.co	5 MB
28	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	458 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	11 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	505 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
6	amazon-adsystem.com z-na.amazon-adsystem.com — Cisco Umbrella Rank: 8867 ws-na.amazon-adsystem.com — Cisco Umbrella Rank: 19798 wms-na.amazon-adsystem.com — Cisco Umbrella Rank: 27502 fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 7964	18 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1044	3 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1067 r.turn.com — Cisco Umbrella Rank: 3947	869 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	531 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 857	677 B
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2972	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8041	918 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 577	1 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1777	587 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 796	544 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 717	99 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2276	175 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44074	613 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3235	105 B
1	googlevideo.com rr1---sn-4g5lznls.googlevideo.com — Cisco Umbrella Rank: 59433	63 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481	716 B
1	bahn.de at.bahn.de — Cisco Umbrella Rank: 75357	1 KB
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 448	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	602 B
1	sendgrid.net 1 redirects u4152507.ct.sendgrid.net	273 B
217	30

	Domain	Requested by
50	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
31	all-news.co	1 redirects all-news.co
23	pagead2.googlesyndication.com	all-news.co pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
22	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
17	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
15	www.gstatic.com	googleads.g.doubleclick.net
12	fonts.gstatic.com	fonts.googleapis.com
12	fonts.googleapis.com	all-news.co googleads.g.doubleclick.net
9	www.googletagservices.com	googleads.g.doubleclick.net
5	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	pm.w55c.net	3 redirects
3	wms-na.amazon-adsystem.com	ws-na.amazon-adsystem.com
3	adservice.google.com	pagead2.googlesyndication.com
2	match.adsrvr.org	googleads.g.doubleclick.net
2	onetag-sys.com	2 redirects
2	a.sportradarserving.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	sync.mathtag.com	2 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	rr1---sn-4g5lznls.googlevideo.com	googleads.g.doubleclick.net
1	csi.gstatic.com	www.gstatic.com
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	at.bahn.de	googleads.g.doubleclick.net
1	fls-na.amazon-adsystem.com	ws-na.amazon-adsystem.com
1	m.media-amazon.com	ws-na.amazon-adsystem.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ws-na.amazon-adsystem.com	all-news.co
1	z-na.amazon-adsystem.com	all-news.co
1	u4152507.ct.sendgrid.net	1 redirects
217	40

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
all-news.co R3	`2023-06-27` - `2023-09-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
z-na.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-18` - `2024-02-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
ws-na.assoc-amazon.com Amazon RSA 2048 M01	`2023-03-16` - `2024-01-21`	10 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
wms-na.assoc-amazon.com Amazon RSA 2048 M01	`2023-03-21` - `2024-01-14`	10 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-10-26` - `2023-10-14`	a year	crt.sh
fls-na.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
at.bahn.de GeoTrust TLS RSA CA G1	`2022-12-14` - `2024-01-07`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-06-20` - `2023-08-29`	2 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://all-news.co/
Frame ID: 4F59F27BF6A8D96B6B8CE578E7DEE9EE
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html
Frame ID: E05D9AC54431A00208242F9F888F4ED8
Requests: 1 HTTP requests in this frame

Frame: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Frame ID: 17F106AC93C3706BA7C1F3DDCA948B0C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1688366792&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366792204&bpp=7&bdt=613&idt=293&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8202577943988&frm=20&pv=2&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=337
Frame ID: 52016A0F42FD31B3F6A3DD3E70F4FE8F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1617494618&adf=215103401&pi=t.aa~a.2152671543~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1688366792&rafmt=1&to=qs&pwprc=3183826420&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366792211&bpp=1&bdt=620&idt=332&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCKKJFsahz&p=https%3A//all-news.co&dtd=334
Frame ID: 7EE86910DFA8D3276856F5DAD16AC052
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1688366792&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366792284&bpp=14&bdt=693&idt=314&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eEFnUUdyMR&p=https%3A//all-news.co&dtd=318
Frame ID: C06D828A44E857D7AED4A633C1A6A0F6
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: FC2F7BA39465CE29BC523DA10A6B284C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 28D3FA5E13B44B2BA0A115A978D5EDFD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1688366794&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794075&bpp=1&bdt=2483&idt=1&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280&nras=2&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=41hlULPMX1&p=https%3A//all-news.co&dtd=5
Frame ID: E0CCB44E199AE2F160CED0D4D40E756C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3026534217&pi=t.aa~a.3633471688~rp.1&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250&nras=3&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Qk35iY2qD7&p=https%3A//all-news.co&dtd=26
Frame ID: 1B96D28531267AC46C89580546B121F8
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=328123490&pi=t.aa~a.2368139338~rp.4&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=1&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250%2C324x250&nras=4&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=cbCYTR0pxm&p=https%3A//all-news.co&dtd=39
Frame ID: 6C77B77203A8DEB8B97AEE387ED5F15B
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: 09D6037C2BB2E167139EF1EA20612B41
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1E513A6C09CEE2579C0CE4B35608BFF0
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: D6FED984EFBE8A6BA7447CDA39310468
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: D217521BA63B73278044D227A4B26682
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A5DC793ED790ACF5180E1AD87A25E17D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 80CB386821F8B33BB9687B9F193C7B02
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 5E017F8118A6EBD1E17E80D667D67B58
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7FAB843F9D38E941069CEF7FF623CFBE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4240152EA74FF588D549D64F4CA1DA12
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9E2D352ACBBAD14E683EAEA75819886F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EAD6D2B3CF9CE6E7490100A4BDA2438D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: C4CBD2B33E22CD95DA875E4622D86F9B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 957CDED9AA2A3CCB4C5B5676128631E5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 5F3F82406C7B3F10DFD0D9A282AE67FD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: CA1DFC5FC13605EFBDFD76AEF38F8813
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: D8EC85CFB061B6A74FDF9BF5474051AF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 811951040C3685B7947CF6ACB470E163
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 14DE1719ACF4CD3922BF66B1D6F6853F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - All-News

Page URL History Show full URLs

https://u4152507.ct.sendgrid.net/ls/click?upn=7Bnok9b2uoSEcg9WheTyKOASTh-2B6TgHSZcjriAbyURKDp1k6tl1TTKk4mhYOG... HTTP 302
http://185.218.124.16/?Z289MSZzMT0xNjY5MTQ5JnMyPTE4NDg1NzM1NyZzMz1CRQ== HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

217
Requests

92 %
HTTPS

41 %
IPv6

30
Domains

40
Subdomains

28
IPs

6
Countries

6824 kB
Transfer

10231 kB
Size

30
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/
Title: Like

Search URL Search Domain Scan URL

URL: https://twitter.com/
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/
Title: Subscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u4152507.ct.sendgrid.net/ls/click?upn=7Bnok9b2uoSEcg9WheTyKOASTh-2B6TgHSZcjriAbyURKDp1k6tl1TTKk4mhYOGERzF35DR5q4yZXReGaD7HF9ilsDwm8N8l8upL9krK1cJGo-3DZVcy_sB1ye3dtnvuspz4tKFUf89JkrnFzA9EXPfvbN8svAd-2FWRpRHevzYuCdKDEREs1y3Ca15Zxkr2AIZz71s-2Fg5JsWsYo9z-2F-2F0kT1c8gM5R9CoQZw3UQpiiozItoVFnBEYkR4kJ5cfKj4rcphr8vjf2uXKBc9OFM-2Ba9VMUDLuKFpR5LniEwOthNbHZOI4Ic3NpYJFW0QJnzGoYEH4K2D0ewwvQ-3D-3D HTTP 302
http://185.218.124.16/?Z289MSZzMT0xNjY5MTQ5JnMyPTE4NDg1NzM1NyZzMz1CRQ== HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 143

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 147

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&google_cver=1&google_push=AaAOQGHgVfD7rQsPfOHYyTcsZjsef3q4OaUn8q7t5jM-uok4cNFpVsqmHkD3g8QELSE5ZdS3Si5lU1KLPFkBnQVkcnQE8AVb13n15iQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&google_cver=1&google_push=AaAOQGHgVfD7rQsPfOHYyTcsZjsef3q4OaUn8q7t5jM-uok4cNFpVsqmHkD3g8QELSE5ZdS3Si5lU1KLPFkBnQVkcnQE8AVb13n15iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TnhYcGFpemgxUWdka3U1&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&google_cver=1&google_push=AaAOQGHgVfD7rQsPfOHYyTcsZjsef3q4OaUn8q7t5jM-uok4cNFpVsqmHkD3g8QELSE5ZdS3Si5lU1KLPFkBnQVkcnQE8AVb13n15iQ

Request Chain 148

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEIBwgZwXxY-FM6WZKv1l3U&google_cver=1&google_push=AaAOQGHEZxxSBX29wGQLCSKpsh40I8-XMUfxDLENiweetMOBAEc87f25F5XKYSPfXjRtKtHgtvBK-7zcgzJ7vDMUkJ9zzz_vh_1brgQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHEZxxSBX29wGQLCSKpsh40I8-XMUfxDLENiweetMOBAEc87f25F5XKYSPfXjRtKtHgtvBK-7zcgzJ7vDMUkJ9zzz_vh_1brgQ

Request Chain 149

https://ads.travelaudience.com/google_pixel?google_gid=CAESEA9iUq3MzPhasO5b1NElKDo&google_cver=1&google_push=AaAOQGEnDtYZBoScyUrTJVaoz4bdu0ETnI0Aw4JyG3EM8xzGGZn5MCaXOOXrGT_KONPxrFTXLpB1RP_yiJ6li_Y8Q5jRSqZCLIU7AZU HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pBgWCu4rShGSj1LJsUj1AA2&google_push=AaAOQGEnDtYZBoScyUrTJVaoz4bdu0ETnI0Aw4JyG3EM8xzGGZn5MCaXOOXrGT_KONPxrFTXLpB1RP_yiJ6li_Y8Q5jRSqZCLIU7AZU

Request Chain 150

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFDJHjTBJK7BKmkvrAehZSk&google_cver=1&google_push=AaAOQGGIsmZ7n_TSrRgKOXbAbN0HWH3H-s-_mxTLA5c4WB9YyjhahzJWN28SgaKBmKiYhD99yRSMPTYSp7cm94v5GBmH-xbtSG3YNPU HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFDJHjTBJK7BKmkvrAehZSk&google_cver=1&google_push=AaAOQGGIsmZ7n_TSrRgKOXbAbN0HWH3H-s-_mxTLA5c4WB9YyjhahzJWN28SgaKBmKiYhD99yRSMPTYSp7cm94v5GBmH-xbtSG3YNPU HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=476b729d-bec8-4c01-ad10-0084d845f5a0&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGIsmZ7n_TSrRgKOXbAbN0HWH3H-s-_mxTLA5c4WB9YyjhahzJWN28SgaKBmKiYhD99yRSMPTYSp7cm94v5GBmH-xbtSG3YNPU&google_hm=q8viUjVbTiS0Kzq-7f2Zjg==

Request Chain 151

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHlY-xVg7QctwQlJVqEJ65I&google_cver=1&google_push=AaAOQGHmtQEqRHX25VQixFN8hVZIE1gqJ9LeyBVkPYWXJIS5IE7ruYd-QRruy-blULDxhTp3ZFly01UQJIpgX6JWH8sU3PW8vx9EP98 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHmtQEqRHX25VQixFN8hVZIE1gqJ9LeyBVkPYWXJIS5IE7ruYd-QRruy-blULDxhTp3ZFly01UQJIpgX6JWH8sU3PW8vx9EP98&google_hm=eS1mdXUwVmFWRTJwSHRqMW9Belo5THZjQUZneGNneVJnaX5B

Request Chain 153

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHa5qaC2XaYhpj5c1Gf0cx0&google_cver=1&google_push=AaAOQGFxbOEryjWnhKd46WQmRDY0mSKQkr1fTzV9KcMYcTdgdPs1iYyCYFWuhMjr3v_TW9V9gdHqwEHcOET_i0ZG6DtyNaPyiI4AIXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFxbOEryjWnhKd46WQmRDY0mSKQkr1fTzV9KcMYcTdgdPs1iYyCYFWuhMjr3v_TW9V9gdHqwEHcOET_i0ZG6DtyNaPyiI4AIXw

Request Chain 191

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEIBwgZwXxY-FM6WZKv1l3U&google_cver=1&google_push=AaAOQGH2tIL-Rj3aho2EVbOoXHG_ojjAEXLbaQj92LxLV_EOCZP_NJSYZv4KMGxH9qlB4f8g5ZUlgzDpZqzZWABv-T4O0R4hiM3GpPs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH2tIL-Rj3aho2EVbOoXHG_ojjAEXLbaQj92LxLV_EOCZP_NJSYZv4KMGxH9qlB4f8g5ZUlgzDpZqzZWABv-T4O0R4hiM3GpPs

Request Chain 193

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECPAvJeqRLGwKgcw0YJ0SJU&google_cver=1&google_push=AaAOQGEOwqYJISgttdh-BHa7EsE8hFlI6VNwp7zPnD_IXg8sWEmOBykH3S4I8Xcug-x4DeYMAl0dCK1kfgZRGtjo5Xdwp8IjbNRF5g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEOwqYJISgttdh-BHa7EsE8hFlI6VNwp7zPnD_IXg8sWEmOBykH3S4I8Xcug-x4DeYMAl0dCK1kfgZRGtjo5Xdwp8IjbNRF5g&google_hm=96APXYDSQvW7PAAdCS_QwGk

Request Chain 196

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHa5qaC2XaYhpj5c1Gf0cx0&google_cver=1&google_push=AaAOQGH6SuefHS2GGvgYH1rO8tAZd0yXYX-zTVaoIiXWNmfQfDUctbTdiPYhWDXsqNfjfUGFjC6S3yCcGK39ubkCQWNOcISX48yuRHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH6SuefHS2GGvgYH1rO8tAZd0yXYX-zTVaoIiXWNmfQfDUctbTdiPYhWDXsqNfjfUGFjC6S3yCcGK39ubkCQWNOcISX48yuRHQ

Request Chain 198

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDWvxFSGilK_JqDoaGRbDLQ&google_cver=1&google_push=AaAOQGGvEBldKJGuxM0FsAQd8jOQWWA2FTjBqHOig5tIu1pHEniN78MpYpJ2anBdw3YrzM5pfwxdawrPXBQDMKEdrFE67I7FPigz10E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU4NTk5Nzg3Nzc2NzMyMzAzMw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDWvxFSGilK_JqDoaGRbDLQ&google_cver=1

Request Chain 199

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&google_cver=1&google_push=AaAOQGGaIXQlHdmOpExjrRMc1T7ohUZ3Bqq1VTQrdAWIZqaL8Pwjg8wcrnrUjY-sA9PdOqYTKxIHkdj_jIYG9lVDpSVXBbXbbZxKLKc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TnhYcGFpemgxUWdka3U1&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&google_cver=1&google_push=AaAOQGGaIXQlHdmOpExjrRMc1T7ohUZ3Bqq1VTQrdAWIZqaL8Pwjg8wcrnrUjY-sA9PdOqYTKxIHkdj_jIYG9lVDpSVXBbXbbZxKLKc

Request Chain 200

https://a.tribalfusion.com/i.match?p=b6&u=CAESEInDxqQJwao9-lI7uKB7Kbc&google_cver=1&google_push=AaAOQGGL0zhou8Y99PC915CurAXh4BdON-m5YIbdkM5flMPuBvJlU0HxwJ1cMIc1CQptL0LTmXxa2DwSxptzyYXed8VwEtnPC0cc9TM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGL0zhou8Y99PC915CurAXh4BdON-m5YIbdkM5flMPuBvJlU0HxwJ1cMIc1CQptL0LTmXxa2DwSxptzyYXed8VwEtnPC0cc9TM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEInDxqQJwao9-lI7uKB7Kbc&google_cver=1&google_push=AaAOQGGL0zhou8Y99PC915CurAXh4BdON-m5YIbdkM5flMPuBvJlU0HxwJ1cMIc1CQptL0LTmXxa2DwSxptzyYXed8VwEtnPC0cc9TM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGL0zhou8Y99PC915CurAXh4BdON-m5YIbdkM5flMPuBvJlU0HxwJ1cMIc1CQptL0LTmXxa2DwSxptzyYXed8VwEtnPC0cc9TM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEM9OHcus5s40KOaCzIipz_U&google_cver=1&google_push=AaAOQGFwaSxx0IN_o0xEZPuPUMxL38azOwPqLHk5J97gdY452jNTHSGt23JM20uqncgf07r408bnR5-fXS3g9UPO4HdthjvMo0XpNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM9OHcus5s40KOaCzIipz_U&google_push=AaAOQGFwaSxx0IN_o0xEZPuPUMxL38azOwPqLHk5J97gdY452jNTHSGt23JM20uqncgf07r408bnR5-fXS3g9UPO4HdthjvMo0XpNQ

Request Chain 203

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESED1MUDEY4dBJ7Jknp3hMR3I&google_cver=1&google_push=AaAOQGEy4nsM3J5fVF6OLPlHRdFsLh7J7Tp9ltL_Gy09Qcmvl5V7KFvYFL_KmDshfcHhAS1wPhgH_7VuAmNGrSwI1_lS5DhypoCtafo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTQ4MDE2ODE4ODQ3NTU0Mg%3D%3D&google_push=AaAOQGEy4nsM3J5fVF6OLPlHRdFsLh7J7Tp9ltL_Gy09Qcmvl5V7KFvYFL_KmDshfcHhAS1wPhgH_7VuAmNGrSwI1_lS5DhypoCtafo

Request Chain 204

https://ads.travelaudience.com/google_pixel?google_gid=CAESEA9iUq3MzPhasO5b1NElKDo&google_cver=1&google_push=AaAOQGFv1oqABVulpHLJkIG04bEjEJgrSTx2NamA2uhM6JRwBMtXpflEmyZYeO3uW8Dy3mqcUu8bGQIYucK15QUENOismNeTQNiYBzY HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pBgWCu4rShGSj1LJsUj1AA2&google_push=AaAOQGFv1oqABVulpHLJkIG04bEjEJgrSTx2NamA2uhM6JRwBMtXpflEmyZYeO3uW8Dy3mqcUu8bGQIYucK15QUENOismNeTQNiYBzY

217 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
all-news.co/
Redirect Chain

https://u4152507.ct.sendgrid.net/ls/click?upn=7Bnok9b2uoSEcg9WheTyKOASTh-2B6TgHSZcjriAbyURKDp1k6tl1TTKk4mhYOGERzF35DR5q4yZXReGaD7HF9ilsDwm8N8l8upL9krK1cJGo-3DZVcy_sB1ye3dtnvuspz4tKFUf89JkrnFzA9EXPf...
http://185.218.124.16/?Z289MSZzMT0xNjY5MTQ5JnMyPTE4NDg1NzM1NyZzMz1CRQ==
http://all-news.co/
https://all-news.co/

603 KB
604 KB

993ms
842ms

Document
text/html

5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 / PHP/8.0.27
Resource Hash: ec367575135f1ebb53be5ee3cf83555574ae29a87d7cf77bfa33b514465d9259

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jul 2023 06:46:30 GMT
Keep-Alive: timeout=5, max=100
Link: <https://all-news.co/index.php?rest_route=/>; rel="https://api.w.org/" <https://all-news.co/index.php?rest_route=/wp/v2/pages/957>; rel="alternate"; type="application/json" <https://all-news.co/>; rel=shortlink
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
Transfer-Encoding: chunked
X-Powered-By: PHP/8.0.27

Redirect headers

Connection: Keep-Alive
Content-Length: 228
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 03 Jul 2023 06:46:30 GMT
Keep-Alive: timeout=5, max=100
Location: https://all-news.co/
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
all-news.co/wp-includes/js/ 18 KB
19 KB 342ms
49ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:31 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "4904-5f8177dd7124a"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18692

GET
H/1.1 200
OK style.min.css
all-news.co/wp-includes/css/dist/block-library/ 95 KB
96 KB 132ms
49ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:31 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "17ced-5f8177dd6e752"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 97517

GET
H/1.1 200
OK classic-themes.min.css
all-news.co/wp-includes/css/ 291 B
605 B 149ms
50ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:31 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "123-5f8177dd6b872"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 291

GET
H/1.1 200
OK style.css
all-news.co/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
37 KB 148ms
49ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:31 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "92ec-5f71c1544542e"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37612

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 138ms
49ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de6d4227d7c2186856dc98c33eb45cf3b0e6cf946c5711f139b21e14cdf30479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 06:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 05:35:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 06:46:31 GMT

GET
H/1.1 200
OK style.css
all-news.co/wp-content/themes/Newspaper/ 149 KB
150 KB 147ms
49ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 1370903a1e242d482364b08f180e6add61f2f2b4abae8cfb0de855b56017cfb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:31 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2557c-5f71c14ef049f"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 152956

GET
H/1.1 200
OK td_legacy_main.css
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 161 KB
161 KB 148ms
50ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 5dda8db38026fc522c7c017ba17bbf533be39a00cea07cbc1086f1537dce7272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:31 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2828e-5f71c154f25ad"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 164494

GET
H/1.1 200
OK tdb_main.css
all-news.co/wp-content/plugins/td-cloud-library/assets/css/ 34 KB
34 KB 198ms
50ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:31 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "882f-5f71c15bec76d"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 34863

GET
H/1.1 200
OK jquery.min.js Show response
all-news.co/wp-includes/js/jquery/ 88 KB
88 KB 250ms
51ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:31 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "15ed7-5f8177dd72da2"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 89815

GET
H/1.1 200
OK jquery-migrate.min.js Show response
all-news.co/wp-includes/js/jquery/ 13 KB
13 KB 299ms
49ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:31 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "3470-5f8177dd71e02"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 13424

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 183ms
89ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

febe969d3fcc4972c8d19abdd6d30e262650947851320eab3b7ce9a7de4023c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49008
x-xss-protection: 0
server: cafe
etag: 3048151913250348706
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Jul 2023 06:46:32 GMT

GET
H/1.1 200
OK ALLNEWS-logo-final-1.png
all-news.co/wp-content/uploads/2022/12/ 107 KB
108 KB 49ms
49ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/12/ALLNEWS-logo-final-1.png
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:31 GMT
Last-Modified: Fri, 30 Dec 2022 18:13:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1ada4-5f10f8fb79eed"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 109988

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 24 KB
8 KB 269ms
106ms Script
application/javascript 52.84.221.76

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.221.76 , United States, ASN (),
Reverse DNS: server-52-84-221-76.fco50.r.cloudfront.net
Software: Server /
Resource Hash: aadd32acef3aa8e5fd0919877d93e39c2830277aa3fdee6de13f54f85e4e9ae3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: Public
date: Mon, 03 Jul 2023 00:57:28 GMT
content-encoding: gzip
via: 1.1 744f74d1ab803b97a1ed68ce774df2bc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FCO50-C1
age: 20944
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=86400,s-maxage=86400,no-transform
content-length: 7991
x-amz-cf-id: pkVG1Th4jlsb0GhzP4vnNLpWrij6YWqxNkryY7WuABg8OHYnABeb5Q==
expires: Tue, 04 Jul 2023 00:57:28 GMT

GET
H/1.1 200
OK mobile-bg.jpg
all-news.co/wp-content/uploads/2023/01/ 43 KB
43 KB 49ms
49ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/01/mobile-bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: f132a3b6e8c8de07e8491ce98f184a952823c139df20446f61a1a9daca060a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:31 GMT
Last-Modified: Tue, 10 Jan 2023 16:25:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "abd5-5f1eb56bff015"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 43989

GET
H/1.1 200
OK newspaper.woff
all-news.co/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 49ms
49ms Font
application/font-woff 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/images/icons/newspaper.woff?221
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Request headers

Referer: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:31 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "82d0-5f71c14ef1057"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33488

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 176464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 05:45:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 178ms
98ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 289825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jun 2024 22:16:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 161ms
84ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 91623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jul 2024 05:19:29 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/ 344 KB
118 KB 206ms
124ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8439024877331049&plah=all-news.co&bust=31075665

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c716a966a498965e20e2c400bf0c09baf0df757dfaaad25639f6177840d7b769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121154
x-xss-protection: 0
server: cafe
etag: 17715899479946968524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 03 Jul 2023 06:46:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/ Frame E05D 10 KB
5 KB 128ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:34:18 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 07:34:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
200 q Show response
ws-na.amazon-adsystem.com/widgets/ Frame 17F1 15 KB
4 KB 386ms
119ms Document
text/html 52.94.230.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.230.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: ff34e1a6f4a8d6782d0535c0023ed3b0153d6ac20ea38f6298e3db9755b483aa

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 3422
Content-Type: text/html;charset=UTF-8
Date: Mon, 03 Jul 2023 06:46:32 GMT
Expires: -1
Pragma: no-cache
Server: Server
Vary: User-Agent
charset: UTF-8
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "

GET
H/1.1 200
OK elements.png
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
5 KB 52ms
52ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: b8939a0d5bea5bad9b1dc74928170d320b393615e282545b4e9e1ebcbffc1f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:32 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "10fc-5f71c154f3165"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4348

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 128889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 18:58:23 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
48 KB 100ms
96ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

994c110a96a94e9d56b2cec48fa2eabc12b97087969fce6c9bcdbe780645ed51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49510
x-xss-protection: 0
server: cafe
etag: 4727555335916173303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Jul 2023 06:46:32 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:28:20 GMT
x-content-type-options: nosniff
age: 307092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jun 2024 17:28:20 GMT

GET
H/1.1 200
OK underscore.min.js Show response
all-news.co/wp-includes/js/ 18 KB
19 KB 49ms
49ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:32 GMT
Last-Modified: Tue, 27 Sep 2022 15:18:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "4991-5e9aa27ccd240"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18833

GET
H/1.1 200
OK js_posts_autoload.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
6 KB 49ms
49ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:32 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "14e2-5f71c15becb55"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5346

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/ 301 KB
301 KB 49ms
49ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:32 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "4b207-5f71c154f160d"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 307719

GET
H/1.1 200
OK comment-reply.min.js Show response
all-news.co/wp-includes/js/ 3 KB
3 KB 50ms
50ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/comment-reply.min.js?ver=6.2.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:32 GMT
Last-Modified: Fri, 08 Apr 2022 20:07:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "ba5-5dc2a2438e980"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2981

GET
H/1.1 200
OK js_files_for_front.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 185 KB
185 KB 52ms
51ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:32 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2e345-5f71c15becf3d"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 189253

GET
H/1.1 200
OK footer_bg.jpg
all-news.co/wp-content/uploads/2023/01/ 105 KB
105 KB 49ms
49ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/01/footer_bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: eeced1d8cb05e0490197eca352ff09680161f09b254df3fca1acb8e98593a275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:32 GMT
Last-Modified: Tue, 10 Jan 2023 16:25:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1a481-5f1eb56835892"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 107649

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
602 B 165ms
48ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=all-news.co&callback=_gfp_s_&client=ca-pub-8439024877331049

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8439024877331049&plah=all-news.co&bust=31075665

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc5b6fcaf7eaae8c380b108f063ccefb76732635b02c7b5f751e91c29788966a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 144ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5201 606 KB
108 KB 1477ms
1476ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1688366792&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366792204&bpp=7&bdt=613&idt=293&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8202577943988&frm=20&pv=2&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=337

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d79cff36a18744567498afd8c4372a01f47bbb8b9f1e59c4fa3bd04f914a4700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 110735
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:46:33 GMT
expires: Mon, 03 Jul 2023 06:46:33 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7EE8 95 KB
34 KB 575ms
575ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1617494618&adf=215103401&pi=t.aa~a.2152671543~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1688366792&rafmt=1&to=qs&pwprc=3183826420&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366792211&bpp=1&bdt=620&idt=332&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCKKJFsahz&p=https%3A//all-news.co&dtd=334

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c1024f3f8b93b550f5e0b063bf4c107ff28fe56cfcb061a5b7e277b71194749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34339
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:46:33 GMT
expires: Mon, 03 Jul 2023 06:46:33 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C06D 107 KB
36 KB 435ms
434ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1688366792&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366792284&bpp=14&bdt=693&idt=314&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eEFnUUdyMR&p=https%3A//all-news.co&dtd=318

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28540892c6ab9c51d20214460a7f0c9e81a8f9150b7a8a71652ebb2b330ab5f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36784
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:46:33 GMT
expires: Mon, 03 Jul 2023 06:46:33 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 a-logo-amazon.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 17F1 1 KB
2 KB 312ms
39ms Image
image/png 108.138.23.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/a-logo-amazon.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.23.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-23-225.fra56.r.cloudfront.net
Software: Server /
Resource Hash: bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 02:37:40 GMT
via: 1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jun 2023 23:39:28 GMT
server: Server
x-amz-cf-pop: FRA56-P7
age: 1224532
etag: "593-5fd19f2897c1f"
x-cache: Hit from cloudfront
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1427
x-amz-cf-id: py9VyZzIipEg52UE9DiOqTFJHGjzhcITrzhheUqx8mlMrr8kdk2vKg==
expires: Mon, 26 Jun 2023 02:37:40 GMT

GET
H2 200 41-rSOtoD6L._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame 17F1 3 KB
3 KB 175ms
43ms Image
image/jpeg 2600:9000:2491:1c00:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/41-rSOtoD6L._AC_AC_SR98,95_.jpg
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1c00:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 6c711e7939187c82f8ee963b72e8d9bb34338ee60be229dd0417527f57a1e8a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:06:37 GMT
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
age: 7688395
x-amz-cf-pop: FRA56-P7
edge-cache-tag: x-cache-918,/images/I/41-rSOtoD6L
x-nginx-cache-status: MISS
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 2593
surrogate-key: x-cache-918 /images/I/41-rSOtoD6L
last-modified: Tue, 15 Nov 2022 01:42:51 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 3afe2f61-b3aa-4fb1-bf7b-7e8c70c6090a
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: xgSNAp7tUId-z0LROd0KX1KhEOb_5XLOzl5Ykc4LChsS4FiZDRbCvQ==
expires: Tue, 31 Mar 2043 07:06:37 GMT

GET
H2 200 prime.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 17F1 3 KB
4 KB 298ms
40ms Image
image/png 108.138.23.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/prime.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.23.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-23-225.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:30:58 GMT
via: 1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jun 2023 23:39:28 GMT
server: Server
x-amz-cf-pop: FRA56-P7
age: 620134
etag: "d1d-5fd19f2898bbf"
x-cache: Hit from cloudfront
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3357
x-amz-cf-id: tdSUbTi2ltFS-TV5r5-4u3_3q-o9dmfsjc2wZmEm8nBhEerEHDKzug==
expires: Mon, 03 Jul 2023 02:30:58 GMT

GET
H/1.1 200
OK json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 17F1 43 B
200 B 374ms
116ms Image
image/gif 52.94.225.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1688366792719&p=%7B%22program%22%3A%221%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22health0b30-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Fall-news.co%2F%22%7D
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.94.225.95 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:33 GMT
x-amzn-RequestId: 26a23a5b-085e-499f-8008-0a9b1bf84fe1
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cart.gif
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 17F1 341 B
711 B 289ms
40ms Image
image/gif 108.138.23.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.23.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-23-225.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 01:29:32 GMT
via: 1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jun 2023 23:28:11 GMT
server: Server
x-amz-cf-pop: FRA56-P7
age: 969420
etag: "155-5fd19ca299202"
x-cache: Hit from cloudfront
content-type: image/gif
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 341
x-amz-cf-id: lz6118F4imNv3-9lOk4nCd4Du4QE4cn12Qt9whAKKR1CcAZU4S_8ow==
expires: Thu, 29 Jun 2023 01:29:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C06D 14 KB
1 KB 53ms
53ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1688366792&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366792284&bpp=14&bdt=693&idt=314&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eEFnUUdyMR&p=https%3A//all-news.co&dtd=318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 06:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 05:23:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 06:46:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame C06D 2 KB
926 B 213ms
126ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C06D 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAclXyG6iZN2aJ83L7_UPzoCTiA7BqMSSccS3g7WTEWQQASDM0-yCAWCVgoCAmAegAcrF0oIDyAEJqQLv4GmdP02yPqgDAcgDywSqBMABT9B8dJGq-qcn-tfO5QaDpH0ukRBZ-3GJHT9USDFH0RTvAHhy0xKPVdRzxUFgwu5VuK2je_oYXgh51ti6ckyjf7sjEAmJSz0ogg7av7vIUBYPGNz3oveUdaNlOnYBsATgMmoJ_bfKCHNT2qeQYv06BizYCYtVHL8hzUVq1PvOSQ0zeCi79t_0cEe2b0vgY5cl1p76Dq1edyeVpjGMfaTxRE_5NABjbej3ILrVvuQtlIw2-DrFpv7J6oDlNV0ThDtPwATA06GVxQSSBQQIBBgBkgUECAUYBKAGLoAHnrqtfagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEILNBtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=LaLO0y2OHJI&uach_m=[UACH]&cid=CAQSGwBygQiDM69DB-sjHRgy_svgf-_v5K2EYRGo3BgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1688366792&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366792284&bpp=14&bdt=693&idt=314&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eEFnUUdyMR&p=https%3A//all-news.co&dtd=318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 06:46:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Jul 2023 06:46:33 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1000618942627698932/ Frame C06D 29 KB
29 KB 158ms
84ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1000618942627698932/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2033e9662cfecc74297b16102231936cd38d14d185fd87b7cb9155766896374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 14:47:48 GMT
x-content-type-options: nosniff
age: 143925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29504
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 08:54:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 30 Jun 2024 14:47:48 GMT

GET
DATA 200
OK truncated
/ Frame C06D 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C06D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98e4daaeb16d7d977ca0aaba0659a8e742f08880e34cad86a5b49ed3fa1baf14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame C06D 23 KB
9 KB 184ms
120ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame C06D 3 KB
1 KB 115ms
51ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:39:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame C06D 20 KB
9 KB 104ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:50:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C06D 179 KB
56 KB 220ms
121ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 06:46:33 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame C06D 33 KB
14 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7EE8 6 KB
706 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1617494618&adf=215103401&pi=t.aa~a.2152671543~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1688366792&rafmt=1&to=qs&pwprc=3183826420&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366792211&bpp=1&bdt=620&idt=332&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCKKJFsahz&p=https%3A//all-news.co&dtd=334

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 06:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 04:46:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 06:46:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 7EE8 2 KB
973 B 138ms
125ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 7EE8 23 KB
9 KB 59ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 7EE8 3 KB
1 KB 87ms
82ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:39:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 7EE8 20 KB
8 KB 58ms
45ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:50:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7EE8 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ci0ocyG6iZPqFJJDL7_UPmsi-kAXHxL-Pccb03bGwEY7Pv9LFMRABIMzT7IIBYJWCgICYB6AB77CF3CjIAQmpAu_gaZ0_TbI-qAMByAPLBKoEvgFP0MnFA70eBIa4FG5qxGTISxd8VpUWOzdTNWnELbYxe5ciS5--_dpDVbeMQhmrD3EgqG5FZ6fMbMECi-ZAsQvnBwVj97xiWKYeUfveu7Ug40Ugg4HUN-SwrJosS_A1AsyTxm98YCOXKZrH-zOCtFYBMn3WRKx76FDpTySRVR1KM5mKFqaiAAaVAULQXXK4fQacP8azg8gjgBQUQxXis_zvMws5Ihxl4LMpL1mzfdo4bYHFZR-EJjGl8dRIkmmNwASXzZGMkgSSBQQIBBgBkgUECAUYBKAGLoAH7-jVuwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDKhVrSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBPkA9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=vlpAjG-mJ4I&uach_m=[UACH]&cid=CAQSGwBygQiDxqG4pM_oxQeer5EgWQajMaw9uwYBBBgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=1617494618&adf=215103401&pi=t.aa~a.2152671543~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1688366792&rafmt=1&to=qs&pwprc=3183826420&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366792211&bpp=1&bdt=620&idt=332&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCKKJFsahz&p=https%3A//all-news.co&dtd=334
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 06:46:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Jul 2023 06:46:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7EE8 179 KB
57 KB 96ms
56ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 06:46:33 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame 7EE8 33 KB
14 KB 78ms
50ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15440804678249033702/ Frame 7EE8 11 KB
12 KB 110ms
108ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15440804678249033702/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c6765a14b047701fda89d020fb1c88bd446a24ad8f58ea01f9d21505412369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:00:22 GMT
x-content-type-options: nosniff
age: 2771
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11743
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 09:21:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 Jul 2024 06:00:22 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/18436248163444061706/ Frame 7EE8 2 KB
2 KB 121ms
119ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18436248163444061706/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946f7fad6ed97da1cb407f76a77dc9a66deb85456af8d40b15d943f8111e7d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:00:16 GMT
x-content-type-options: nosniff
age: 2777
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2419
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 11:30:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 Jul 2024 06:00:16 GMT

GET
DATA 200
OK truncated
/ Frame 7EE8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a10516cb0733b476034a17688342c01f2cd0f42963c7fea64bd3cd775acfdcf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C06D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b130882d064ad243fb103f2186f910336480e0eb5537268ff3fee75ace91d1ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7EE8 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:28:20 GMT
x-content-type-options: nosniff
age: 307093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jun 2024 17:28:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7EE8 15 KB
16 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 91624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jul 2024 05:19:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7EE8 15 KB
15 KB 57ms
57ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 289826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jun 2024 22:16:07 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C06D 33 KB
33 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 02:43:59 GMT
x-content-type-options: nosniff
age: 100954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jul 2024 02:43:59 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame FC2F 38 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 20:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jul 2024 20:00:55 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 28D3 38 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 20:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jul 2024 20:00:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 50ms
50ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0CC 92 KB
35 KB 540ms
539ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1688366794&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794075&bpp=1&bdt=2483&idt=1&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280&nras=2&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=41hlULPMX1&p=https%3A//all-news.co&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d752d3e14feeac1c6650c25d23157868fa3a108d7160f0ab9ec5df5cd6611d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 35612
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:46:34 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 88ms
87ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74d20e0505cc5f1bc83663fcc7d54363a39e37a98c325765f8c9905fceb4150f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11251
x-xss-protection: 0

GET
H/1.1 200
OK 5003-tax-guy-my-inherited-investment-accounts-have-lost-28000-can-i-liquidate-them-and-take-a-tax-write-off.jpg
all-news.co/wp-content/uploads/2023/07/ 74 KB
74 KB 49ms
49ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/07/5003-tax-guy-my-inherited-investment-accounts-have-lost-28000-can-i-liquidate-them-and-take-a-tax-write-off.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 134b499f3f40452bb2eec57b46e59a648df46e15139fc58c09bec48f08ba24c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:34 GMT
Last-Modified: Sun, 02 Jul 2023 23:43:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "12789-5ff899cfcb00d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 75657

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/ 153 KB
52 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/reactive_library_fy2021.js?bust=31075665

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c0ecdf3a722614af320f8f0acbe04c6f592eadf01e564c1f283f39fbc81748c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53268
x-xss-protection: 0
server: cafe
etag: 5941274446308907383
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jul 2023 06:46:34 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B96 147 KB
44 KB 661ms
660ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3026534217&pi=t.aa~a.3633471688~rp.1&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250&nras=3&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Qk35iY2qD7&p=https%3A//all-news.co&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab2bbe0aaf8ae214ac124443f3e3551961f6c98e998dac445e34c52f8b15ff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 44716
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:46:34 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6C77 92 KB
35 KB 765ms
765ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=328123490&pi=t.aa~a.2368139338~rp.4&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=1&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250%2C324x250&nras=4&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=cbCYTR0pxm&p=https%3A//all-news.co&dtd=39

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c7a8c17c712cababee2f574f796daf6a80a5cf17ccaa3e5a66633a477177bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 35743
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:46:35 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 5001-lillard-requests-trade-prefers-heat-source-says.jpg
all-news.co/wp-content/uploads/2023/07/ 29 KB
29 KB 49ms
49ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/07/5001-lillard-requests-trade-prefers-heat-source-says.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 5b7bec9e875b09a4d35719461e5e38f0f68e3286c71a0c5b69246b3127a985f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:34 GMT
Last-Modified: Sun, 02 Jul 2023 14:43:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "726b-5ff8211acb707"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 29291

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 06:46:34 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame 09D6 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame 1E51 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame D6FE 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame D217 10 KB
4 KB 42ms
41ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 4999-stallions-qb-alex-mcgough-is-an-mvp-and-a-usfl-champ-but-how-high-can-he-climb.jpg
all-news.co/wp-content/uploads/2023/07/ 5 KB
5 KB 49ms
49ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/07/4999-stallions-qb-alex-mcgough-is-an-mvp-and-a-usfl-champ-but-how-high-can-he-climb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: d1dd0169b434cfd45487c8f200b463ec483f198db89e1880890386deaaa4c8bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:34 GMT
Last-Modified: Sun, 02 Jul 2023 14:43:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "14a1-5ff821187e176"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5281

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/07/5003-tax-guy-my-inherited-investment-accounts-have-lost-28000-can-i-liquidate-them-and-take-a-tax-write-off.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 134b499f3f40452bb2eec57b46e59a648df46e15139fc58c09bec48f08ba24c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:34 GMT
Last-Modified: Sun, 02 Jul 2023 23:43:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "12789-5ff899cfcb00d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 75657

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7EE8 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqGPVqcbnOVKFzd_cG6BD55w0HOcvtLwdMJtwI-mpoaSEzIe3FMrmt3CdZeM4psiDCj320xJBKCNhruBEyzoaBEqljpaN2UDcgHgQ4A9eL3pyAoXo1TrnAs57LSqA9da4WiA4byrUL_abu&sai=AMfl-YRMXRLNRgQL3-mobbTQYXld50cbeSa1KyAPP9uWhIbthRmCZA5N7mqd1a_kBgm6qucBYpk0iNKQFXao&sig=Cg0ArKJSzEW2kwYihES-EAE&cid=CAQSGwBygQiDxqG4pM_oxQeer5EgWQajMaw9uwYBBBgB&id=lidar2&mcvt=1040&p=0,0,280,1200&mtos=1040,1040,1040,1040,1040&tos=1040,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1617494618&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688366792546&rpt=881&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 09D6 4 KB
671 B 52ms
52ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 05:39:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 06:46:34 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 09D6 205 B
519 B 40ms
39ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:07:28 GMT
x-content-type-options: nosniff
age: 49146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Jul 2024 17:07:28 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 09D6 604 B
695 B 40ms
40ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 13:21:06 GMT
x-content-type-options: nosniff
age: 62728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Jul 2024 13:21:06 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 09D6 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 19:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42352
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8602
x-xss-protection: 0
server: cafe
etag: 5099012690780875661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 19:00:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1E51 14 KB
1 KB 51ms
51ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 04:50:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 06:46:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1E51 2 KB
892 B 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 1E51 23 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1E51 3 KB
1 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:39:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1E51 20 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:50:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E51 179 KB
56 KB 2251ms
2251ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 06:46:36 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame 1E51 33 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D6FE 14 KB
1 KB 50ms
49ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 05:23:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 06:46:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame D6FE 2 KB
892 B 66ms
65ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame D6FE 23 KB
9 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame D6FE 3 KB
1 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:39:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame D6FE 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:50:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D6FE 179 KB
56 KB 2211ms
2210ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 06:46:36 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame D6FE 33 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D6FE 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rsra&context=grsl&params=2-%26adk%3D1812271804%26client%3Dca-pub-8439024877331049%26fa%3D4%26ifi%3D11%26uci%3Da!b%26btvi%3D6%26xpc%3DKbHvNwsycw%26p%3Dhttps%3A%2F%2Fall-news.co

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 90cda0d4b2e9798013d5ae8e8588fe0b.js Show response
www.gstatic.com/mysidia/ Frame D217 9 KB
4 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/90cda0d4b2e9798013d5ae8e8588fe0b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3972
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:17:17 GMT

GET
H2 200 820071d88aa928150e66acb27900ec37.js Show response
www.gstatic.com/mysidia/ Frame D217 10 KB
4 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/820071d88aa928150e66acb27900ec37.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3451903cd80a7bb5b5eb6a902dcd609da4cc819cc07304bdee4778d4b3560298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:20:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4215
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:20:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D217 14 KB
1 KB 66ms
65ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 04:55:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 06:46:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame D217 2 KB
892 B 68ms
67ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame D217 23 KB
9 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame D217 3 KB
1 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:39:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame D217 20 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:50:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D217 179 KB
56 KB 2212ms
2211ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 06:46:36 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame D217 33 KB
14 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H/1.1 200
OK 4991-how-businesses-can-break-through-the-chatgpt-hype-with-workable-ai.png
all-news.co/wp-content/uploads/2023/07/ 1 MB
1 MB 51ms
51ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/07/4991-how-businesses-can-break-through-the-chatgpt-hype-with-workable-ai.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 99bc4fb81d1282923adcc0bdf46cd12990e228a1bb8ba0a2f0d66f0ee5cafc77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:34 GMT
Last-Modified: Sun, 02 Jul 2023 11:43:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "10076e-5ff7f8e33568c"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1050478

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A5DC 13 KB
5 KB 42ms
41ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 20:00:55 GMT
expires: Mon, 01 Jul 2024 20:00:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 80CB 783 B
1 KB 139ms
50ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a7d5cc5668183da8513bda282451f3d36281560114ea6002ec803afdf714829f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PEBAAo_qVUQChvA7SI-NqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-PEBAAo_qVUQChvA7SI-NqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:46:34 GMT
expires: Mon, 03 Jul 2023 06:46:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 5001-lillard-requests-trade-prefers-heat-source-says.jpg
all-news.co/wp-content/uploads/2023/07/ 29 KB
29 KB 50ms
49ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/07/5001-lillard-requests-trade-prefers-heat-source-says.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 5b7bec9e875b09a4d35719461e5e38f0f68e3286c71a0c5b69246b3127a985f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:34 GMT
Last-Modified: Sun, 02 Jul 2023 14:43:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "726b-5ff8211acb707"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 29291

GET
H3 200 css
fonts.googleapis.com/ Frame 5E01 6 KB
706 B 52ms
52ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 04:52:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 06:46:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 5E01 2 KB
892 B 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 5E01 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 5E01 3 KB
1 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:39:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 5E01 20 KB
8 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:50:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E01 179 KB
56 KB 2183ms
2180ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 06:46:36 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame 5E01 33 KB
14 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H/1.1 200
OK 4999-stallions-qb-alex-mcgough-is-an-mvp-and-a-usfl-champ-but-how-high-can-he-climb.jpg
all-news.co/wp-content/uploads/2023/07/ 5 KB
5 KB 51ms
50ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/07/4999-stallions-qb-alex-mcgough-is-an-mvp-and-a-usfl-champ-but-how-high-can-he-climb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: d1dd0169b434cfd45487c8f200b463ec483f198db89e1880890386deaaa4c8bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:34 GMT
Last-Modified: Sun, 02 Jul 2023 14:43:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "14a1-5ff821187e176"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5281

GET
H/1.1 200
OK ai.aspx Show response
at.bahn.de/ Frame D217 43 B
1 KB 215ms
51ms Fetch
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://at.bahn.de/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=19589286404&cb=2327197795

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Mülheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 03 Jul 2023 06:46:34 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://at.bahn.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 03 Jul 2023 06:46:34 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D217 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq839yG6iZKLMI62k9u8Pr8WQiA3mq-qzcZmR8YOwEdrZHhABIMzT7IIBYJWCgICYB6AB092akwPIAQGpAu_gaZ0_TbI-qAMByAPLBKoEvQFP0BZOh4jzw-GdlQRd7FCgJQP8dMYTSBtTihuxr2l0-61RQuPpQzPiR4uZJRmn_c65q0Yj_srWQ4EOAyYi12mYiTrexNA-rCeQYHGMLos-6AvvqNbWx5FD2y7FhchhXfN8D9ZtCXQaaLoEKQL9MUp0t--g46XaOtlROEwpoJlOlSc_WINwtKEWOjrr7T_DpolWoLOyw4xOlfvR673DgJo5Zr3OY7NySW3CWqNDGxoyNpcdNdVYRYCDKCr_ngvABOn9qeOiBJIFBAgEGAGSBQQIBRgEgAeVouVsqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQr9td0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTAogUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=BTLonpQXqTs&uach_m=[UACH]&cid=CAQSGwBygQiDEugRwixqhm5Q2hmpYfZXYDOL215HGhgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 06:46:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7FAB 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D217 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98560cdd17cd2337b7a4c4e44af1834e47b7dd882bdf1fcc77d2e1e39ee74f70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame E0CC 390 B
305 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Satisfy%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1688366794&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794075&bpp=1&bdt=2483&idt=1&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280&nras=2&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=41hlULPMX1&p=https%3A//all-news.co&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95bd3a7fbbbdcfad4914d168384cd92f41e9279ad80ac78304f461e9ead5b214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 06:21:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 06:46:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame E0CC 2 KB
892 B 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:27 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame A5DC 38 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 20:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jul 2024 20:00:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E0CC 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZW-wym6iZOKpB7bH7_UPjuaQ-A-72_SCcbC6xd7gEa_Mor3AARABIMzT7IIBYJWCgICYB6ABz-q7jAPIAQmoAwHIA0iqBL4BT9DLW31660DRK89zcV5aXRbFW66wdPJqFoJZzNLLiYCn2rc8MiLtq0tFzz8AfKRheBvLkH-ZyL7JoKCBnqSWqJ5g81rx_E3QLwnv0CFvLFOcNDnKICKvPHpLSwvTXx6sd3dZ6_VstoOvbPEXzFvQaZzAF9tBzCWfTPBx5K20SqpKy4Bnl0UGSJ1OhwC1FVmScFxpSNlCdvJknF4hLbSPfYwFPH-7IrXPgJqp4fZuTFNYoxlb8YtZskKCrSR_78AEhJynh7IEkgUECAQYAZIFBAgFGASgBi6AB-jjwN0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQurIH0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=tkv_6Gc5pZs&uach_m=[UACH]&cid=CAQSOwBygQiDfTAt1Xv__oEA1C6hQxlOQNq8uJEEV6Jo1EcybNTaSZgZGxmnzgcB5V-DV5O8-_V3_4tqlispGAE&template_id=5034

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1688366794&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794075&bpp=1&bdt=2483&idt=1&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280&nras=2&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=41hlULPMX1&p=https%3A//all-news.co&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 06:46:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5329574950108211994/ Frame E0CC 26 KB
26 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5329574950108211994/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911ed451c7c187ed81de2ac7c134b608693abafae184f6488cc72755d3b0982c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:30:26 GMT
x-content-type-options: nosniff
age: 267368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26221
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 15:39:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 29 Jun 2024 04:30:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame E0CC 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame E0CC 3 KB
1 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:39:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4240 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:36:12 GMT
etag: 48472445140208031
expires: Mon, 03 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame E0CC 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E0CC 0
0 48ms
47ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDiCw2MDYHuFy_-P8odLbXqz0_-_ZXZ_H2UcmSiRVp5JSg9UZKkxA0mBoVwH9x1YLDVcHUK_y4D25ZZfFAjVhSql_eLg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1688366794&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794075&bpp=1&bdt=2483&idt=1&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280&nras=2&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=41hlULPMX1&p=https%3A//all-news.co&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0CC 179 KB
56 KB 2070ms
2069ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 06:46:36 GMT

GET
H3 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame E0CC 33 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7FAB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
48ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:46:34 GMT
expires: Mon, 03 Jul 2023 06:46:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:46:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 80CB 0
0 74ms
73ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=4099821538070399&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200
OK 4993-the-universal-backlot-the-tools-of-the-metaverse-jon-peddie.jpg
all-news.co/wp-content/uploads/2023/07/ 179 KB
179 KB 50ms
50ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/07/4993-the-universal-backlot-the-tools-of-the-metaverse-jon-peddie.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: d10feec4f6e0bcf409f72ffcfbb2d43a4f3c0555f6f44a0a2adc42a0dfd951bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:34 GMT
Last-Modified: Sun, 02 Jul 2023 11:43:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2cc4f-5ff7f8e378ca8"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 183375

GET
DATA 200
OK truncated
/ Frame E0CC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fa7e7901799ac3c52e22734f1538c614df5ae5830c711e41de50f70563259a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4240
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TnhYcGFpemgxUWdka3U1&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&google_cver=1&google_push=AaAOQGHgVfD7rQsPfOHYyTcsZjsef3q4OaUn8q7t5jM-uok...

170 B
233 B

50ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TnhYcGFpemgxUWdka3U1&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&google_cver=1&google_push=AaAOQGHgVfD7rQsPfOHYyTcsZjsef3q4OaUn8q7t5jM-uok4cNFpVsqmHkD3g8QELSE5ZdS3Si5lU1KLPFkBnQVkcnQE8AVb13n15iQ

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 06:46:33 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-036c9e308bb7e39b5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TnhYcGFpemgxUWdka3U1&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&google_cver=1&google_push=AaAOQGHgVfD7rQsPfOHYyTcsZjsef3q4OaUn8q7t5jM-uok4cNFpVsqmHkD3g8QELSE5ZdS3Si5lU1KLPFkBnQVkcnQE8AVb13n15iQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4240
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEIBwgZwXxY-FM6WZKv1l3U&google_cver=1&google_push=AaAOQGHEZxxSBX29wGQLCSKpsh40I8-XMUfxDLENiweetMOBAEc87f25F5XKYSPfXjRtKtHgtvBK-7zcgzJ7vDMU...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHEZxxSBX29wGQLCSKpsh40I8-XMUfxDLENiweetMOBAEc87f25F5XKYSPfXjRtKtHgtvBK-7zcgzJ7vDMUkJ9zzz_vh_1brgQ

170 B
233 B

52ms
52ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHEZxxSBX29wGQLCSKpsh40I8-XMUfxDLENiweetMOBAEc87f25F5XKYSPfXjRtKtHgtvBK-7zcgzJ7vDMUkJ9zzz_vh_1brgQ

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 03 Jul 2023 06:46:34 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x8 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHEZxxSBX29wGQLCSKpsh40I8-XMUfxDLENiweetMOBAEc87f25F5XKYSPfXjRtKtHgtvBK-7zcgzJ7vDMUkJ9zzz_vh_1brgQ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 03 Jul 2023 06:46:33 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4240
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEA9iUq3MzPhasO5b1NElKDo&google_cver=1&google_push=AaAOQGEnDtYZBoScyUrTJVaoz4bdu0ETnI0Aw4JyG3EM8xzGGZn5MCaXOOXrGT_KONPxrFTXLpB1RP_yiJ6li_Y8...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pBgWCu4rShGSj1LJsUj1AA2&google_push=AaAOQGEnDtYZBoScyUrTJVaoz4bdu0ETnI0Aw4JyG3EM8xzGGZn5MCaXOOXrGT_KONPxrFTXLpB1RP_yiJ6li_Y8Q5jRSqZCLIU7AZU

170 B
330 B

50ms
50ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pBgWCu4rShGSj1LJsUj1AA2&google_push=AaAOQGEnDtYZBoScyUrTJVaoz4bdu0ETnI0Aw4JyG3EM8xzGGZn5MCaXOOXrGT_KONPxrFTXLpB1RP_yiJ6li_Y8Q5jRSqZCLIU7AZU

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Jul 2023 06:46:34 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pBgWCu4rShGSj1LJsUj1AA2&google_push=AaAOQGEnDtYZBoScyUrTJVaoz4bdu0ETnI0Aw4JyG3EM8xzGGZn5MCaXOOXrGT_KONPxrFTXLpB1RP_yiJ6li_Y8Q5jRSqZCLIU7AZU
x-host: tde-deliveryengine-production-7c97bc8457-6xqvt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4240
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFDJHjTBJK7BKmkvrAehZSk&google_cver=1&google_push=AaAOQGGIsmZ7n_TSrRgKOXbAbN0HWH3H-s-_mxTLA5c4WB9YyjhahzJWN28SgaKBmKiYhD99yRSMPTYSp7cm94v5GBmH...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFDJHjTBJK7BKmkvrAehZSk&google_cver=1&google_push=AaAOQGGIsmZ7n_TSrRgKOXbAbN0HWH3H-s-_mxTLA5c4WB9YyjhahzJWN28SgaKBmKiYhD99yRSMPTYSp7cm94...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=476b729d-bec8-4c01-ad10-0084d845f5a0&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGIsmZ7n_TSrRgKOXbAbN0HWH3H-s-_mxTLA5c4WB9YyjhahzJWN28SgaKBmKiYhD99yRSMPTYSp7cm94v5GBmH-xbtSG3YNPU&google_hm=q8viUjVbTiS0Kzq-7f2Z...

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGIsmZ7n_TSrRgKOXbAbN0HWH3H-s-_mxTLA5c4WB9YyjhahzJWN28SgaKBmKiYhD99yRSMPTYSp7cm94v5GBmH-xbtSG3YNPU&google_hm=q8viUjVbTiS0Kzq-7f2Zjg==

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGIsmZ7n_TSrRgKOXbAbN0HWH3H-s-_mxTLA5c4WB9YyjhahzJWN28SgaKBmKiYhD99yRSMPTYSp7cm94v5GBmH-xbtSG3YNPU&google_hm=q8viUjVbTiS0Kzq-7f2Zjg==
date: Mon, 03 Jul 2023 06:46:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4240
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHlY-xVg7QctwQlJVqEJ65I&google_cver=1&google_push=AaAOQGHmtQEqRHX25VQixFN8hVZIE1gqJ9LeyBVkPYWXJIS5IE7ruYd-QRruy-blULDxhTp3ZFly01UQJIpgX6JWH8sU3PW...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHmtQEqRHX25VQixFN8hVZIE1gqJ9LeyBVkPYWXJIS5IE7ruYd-QRruy-blULDxhTp3ZFly01UQJIpgX6JWH8sU3PW8vx9EP98&google_hm=eS1mdXUwVmFWRTJwSHR...

170 B
233 B

50ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHmtQEqRHX25VQixFN8hVZIE1gqJ9LeyBVkPYWXJIS5IE7ruYd-QRruy-blULDxhTp3ZFly01UQJIpgX6JWH8sU3PW8vx9EP98&google_hm=eS1mdXUwVmFWRTJwSHRqMW9Belo5THZjQUZneGNneVJnaX5B

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Jul 2023 06:46:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHmtQEqRHX25VQixFN8hVZIE1gqJ9LeyBVkPYWXJIS5IE7ruYd-QRruy-blULDxhTp3ZFly01UQJIpgX6JWH8sU3PW8vx9EP98&google_hm=eS1mdXUwVmFWRTJwSHRqMW9Belo5THZjQUZneGNneVJnaX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 4240 43 B
363 B 162ms
49ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEKd_yr4DvlLRVvf7C0uPTX8&google_cver=1&google_push=AaAOQGFtWvHcF8Z_MnD5Lcm14VRygi5TC184NCV-24V1I3zRWYuT2lSOFBdLkBgSl2g2owqso_6dWwLfq1RrP7IkNOEpShNEvfmta_w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:34 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 243597
expires: Mon, 03 Jul 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4240
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHa5qaC2XaYhpj5c1Gf0cx0&google_cver=1&google_push=AaAOQGFxbOEryjWnhKd46WQmRDY0mSKQkr1fTzV9KcMYcTdgdPs1iYyCYFWuhMjr3v_TW9V9gdHqwEHcOET_...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFxbOEryjWnhKd46WQmRDY0mSKQkr1fTzV9KcMYcTdgdPs1iYyCYFWuhMjr3v_TW9V9gdHqwEHcOET_i0ZG6DtyNaPyiI4AIXw

170 B
233 B

54ms
54ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFxbOEryjWnhKd46WQmRDY0mSKQkr1fTzV9KcMYcTdgdPs1iYyCYFWuhMjr3v_TW9V9gdHqwEHcOET_i0ZG6DtyNaPyiI4AIXw

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFxbOEryjWnhKd46WQmRDY0mSKQkr1fTzV9KcMYcTdgdPs1iYyCYFWuhMjr3v_TW9V9gdHqwEHcOET_i0ZG6DtyNaPyiI4AIXw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4240 0
131 B 153ms
50ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KLAjDqPrudeLPJIc0ENSokso_hizvjmxzyu8f5Dv7AfMGqzXlpmnwyGuVkU4NamW84zaEi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK 4991-how-businesses-can-break-through-the-chatgpt-hype-with-workable-ai.png
all-news.co/wp-content/uploads/2023/07/ 1 MB
1 MB 50ms
49ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/07/4991-how-businesses-can-break-through-the-chatgpt-hype-with-workable-ai.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 99bc4fb81d1282923adcc0bdf46cd12990e228a1bb8ba0a2f0d66f0ee5cafc77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:34 GMT
Last-Modified: Sun, 02 Jul 2023 11:43:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "10076e-5ff7f8e33568c"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1050478

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A5DC 0
10 B 43ms
42ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PunHoQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK 4993-the-universal-backlot-the-tools-of-the-metaverse-jon-peddie.jpg
all-news.co/wp-content/uploads/2023/07/ 179 KB
179 KB 51ms
51ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/07/4993-the-universal-backlot-the-tools-of-the-metaverse-jon-peddie.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: d10feec4f6e0bcf409f72ffcfbb2d43a4f3c0555f6f44a0a2adc42a0dfd951bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 06:46:34 GMT
Last-Modified: Sun, 02 Jul 2023 11:43:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2cc4f-5ff7f8e378ca8"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 183375

GET
H3 200 90cda0d4b2e9798013d5ae8e8588fe0b.js Show response
www.gstatic.com/mysidia/ Frame 1B96 9 KB
4 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/90cda0d4b2e9798013d5ae8e8588fe0b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3026534217&pi=t.aa~a.3633471688~rp.1&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250&nras=3&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Qk35iY2qD7&p=https%3A//all-news.co&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3972
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:17:17 GMT

GET
H3 200 5658eaf941e87792c5aa45505a3c03dc.js Show response
www.gstatic.com/mysidia/ Frame 1B96 140 KB
51 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5658eaf941e87792c5aa45505a3c03dc.js?tag=video_mra/web_raspberry_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0879a3df3840a18bcdacdd15efeb6193d4a5f858624c518e46685e083eea57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 544599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52458
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:29:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1B96 14 KB
1 KB 51ms
50ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 05:32:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 06:46:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1B96 21 KB
1 KB 51ms
51ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 05:15:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 06:46:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1B96 2 KB
892 B 42ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 1B96 23 KB
9 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1B96 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:39:30 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 1B96 67 B
91 B 43ms
42ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 19:57:40 GMT
x-content-type-options: nosniff
server: cafe
age: 38935
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Mon, 03 Jul 2023 19:57:40 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1B96 20 KB
8 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:50:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1B96 0
0 48ms
47ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ97zDkaU3Z2l0TVxFlNps1X1mhcmTouj9RqlRepkZsP8iYSw05Co_Vyfz31N22rpoh5-lfbquL4HbfQKgmeyzRHX_vcw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3026534217&pi=t.aa~a.3633471688~rp.1&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250&nras=3&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Qk35iY2qD7&p=https%3A//all-news.co&dtd=26
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B96 179 KB
56 KB 1779ms
1778ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 06:46:36 GMT

GET
H3 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame 1B96 33 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8894579893164176329/ Frame 1B96 3 KB
3 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8894579893164176329/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aea82d0591a7ba44f6716ceb8bf5d194f0753bfba0fa3271e518eea5ef9646c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:54:02 GMT
x-content-type-options: nosniff
age: 139953
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2892
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 07:24:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 30 Jun 2024 15:54:02 GMT

GET
DATA 200
OK truncated
/ Frame 1B96 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 1B96 0
235 B 155ms
42ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ljmhzwns&c=8110967413925&slotId=4055483706962.5&qqid=CO60mrj48f8CFTXtuwgdn6QBZQ&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/5658eaf941e87792c5aa45505a3c03dc.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6657516385617994849/ Frame 1B96 65 KB
65 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6657516385617994849/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

009145af238e0de6bed8df118c9621b501a02dd9208e5ceabeb2c239e0edd47a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:34:58 GMT
x-content-type-options: nosniff
age: 551497
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66256
x-xss-protection: 0
last-modified: Mon, 08 May 2023 14:45:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Jun 2024 21:34:58 GMT

GET
H/1.1 206
Partial Content videoplayback
rr1---sn-4g5lznls.googlevideo.com/ Frame 1B96 62 KB
63 KB 159ms
40ms Media
video/mp4 2a00:1450:4001:26::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-4g5lznls.googlevideo.com/videoplayback?expire=1688395594&ei=ym6iZKXZNOrIx_APw8C8yAg&ip=2a01:4a0:1338:92::3&id=37b14a20e780171d&itag=18&source=youtube&requiressl=yes&mh=Un&mm=31&mn=sn-4g5lznls&ms=au&mv=m&mvi=1&pl=29&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=3.691&lmt=1675257056837063&mt=1688366506&txp=6219224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgTKzZ1j6cvzaJEbKAllUQg0K3lDvuWR9LV7L4MiTqVAMCIQCkKvi9N1h0QbnTS307vRBxqExPy1Dtw6JXzSnyTmlGcg==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgBA32d6QwH6ONYCtFZGId7cYkRz23AdpdSn_DQZJU1FACIQD_8R9EuvwG-QAgrWViJOsWl5DDPT7E85FPLHKVe3BqvA==&cpn=fDfOg8CF1E9OLl54

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:26::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

17dbd76ccd77a0e9449c1cef7c3163416ba54b22c0c49fb5284bfdb75e7d239a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 03 Jul 2023 06:46:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Feb 2023 13:10:56 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-63709/63710
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 63710
Expires: Mon, 03 Jul 2023 06:46:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1B96 0
0 91ms
91ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIm1Iym6iZO6nE7Xa7_UPn8mGqAabzb6icdHh3_vWEZTLo8mCNRABIMzT7IIBYJWCgICYB6ABv5-wzSjIAQmpAu_gaZ0_TbI-qAMByAPLBKoEyQFP0PrmtKnMAFI-4tW7c2ElhOKY0XPFZ8QGzrYHvPL2-jL1j_mFieQsrCIqRw5uDVbbhYkOW_0E9ZvPsxQExLYDXBiEkXonlf0R-d4QRkrSWHfRAZJoJkrKf8XEL3P6CnzQKwd5lVJhPHrybUV8PmT5litd9Ip9QpadL3ivuStutWUTWvIssWHPVzBQsof7yR9pZRPIYOaX0ZFJYYmvDonA7DJCDYcWTREoUiIyvJ8ozAiCXocbpSDa5Rkkqdg3BD4QHeKhYpIqssrABNnR6dSbBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe_14CtA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPjQA9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E5wb2BMM0BUBmBYBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=96MdtXZwc4M&uach_m=[UACH]&cid=CAQSOwBygQiDBvPlH4-BBhtK8DfrJC8guFQyWYQ3MlLPGvhPenYlQStA7rxB_0LokbYTFYn0ayx-VRBIOm23GAE&template_id=3484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3026534217&pi=t.aa~a.3633471688~rp.1&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250&nras=3&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Qk35iY2qD7&p=https%3A//all-news.co&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 06:46:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9E2D 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:36:12 GMT
etag: 48472445140208031
expires: Mon, 03 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 6C77 390 B
305 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Satisfy%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=328123490&pi=t.aa~a.2368139338~rp.4&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=1&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250%2C324x250&nras=4&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=cbCYTR0pxm&p=https%3A//all-news.co&dtd=39

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95bd3a7fbbbdcfad4914d168384cd92f41e9279ad80ac78304f461e9ead5b214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 06:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 05:09:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 06:46:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 6C77 2 KB
892 B 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6C77 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCZgxym6iZO_vE-uE9u8P69il4A-72_SCceC-xd7gEeq7x8PbPBABIMzT7IIBYJWCgICYB6ABz-q7jAPIAQmoAwHIA0iqBL0BT9B8ra5J8n1YEikH53g0bqPasHwskhYUzt-14bY4GqbZNjIdaiDS81pmX9aHJcxE7YyLt511THqxJArNvrI5lzRtCwZDihSqbuwYRq9lpJmZ4B7uINGZfn1jwuo00cK9bTr9mrdmxDx6gm_KrjUgmROWTEqplVrmCJWZu304qLYwOhIwtq7_MAo--kJ-Jer1MtBhBpu5CbVQ1RHXkXfp9KDDdP-1lOOddqndZiOy9uY9ZG7J-9MlIor1i9HJwATMnaeHsgSSBQQIBBgBkgUECAUYBKAGLoAH6OPA3QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCp8wbSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTg0MzkwMjQ4NzczMzEwNDkYAA&sigh=D_xMHY_UrOs&uach_m=[UACH]&cid=CAQSOwBygQiDLjBaymK-FvUDGzroXJUtHIfDElIStZj7kgep80Vae3xhETBLfBudWykMSX6l3hGvGm_2qOw3GAE&template_id=5034

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=328123490&pi=t.aa~a.2368139338~rp.4&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=1&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250%2C324x250&nras=4&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=cbCYTR0pxm&p=https%3A//all-news.co&dtd=39
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 06:46:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame 1B96 2 KB
2 KB 40ms
40ms Image
image/png 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3026534217&pi=t.aa~a.3633471688~rp.1&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250&nras=3&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Qk35iY2qD7&p=https%3A//all-news.co&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 20:15:38 GMT
x-content-type-options: nosniff
server: cafe
age: 37857
etag: 9923804599063086578
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2033
x-xss-protection: 0
expires: Mon, 03 Jul 2023 20:15:38 GMT

GET
DATA 200
OK truncated
/ Frame 1B96 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 710ecce066043e25a8a678a940ed0a0e459a7e880ff8d7f81ae3d409ccc71134

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5329574950108211994/ Frame 6C77 26 KB
26 KB 43ms
40ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5329574950108211994/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911ed451c7c187ed81de2ac7c134b608693abafae184f6488cc72755d3b0982c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:30:26 GMT
x-content-type-options: nosniff
age: 267369
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26221
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 15:39:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 29 Jun 2024 04:30:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 6C77 23 KB
9 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 6C77 3 KB
1 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:39:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EAD6 1 KB
643 B 41ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:36:12 GMT
etag: 48472445140208031
expires: Mon, 03 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 6C77 20 KB
8 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:50:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6C77 0
0 54ms
53ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRr7UFNQn1xZ7wMSHZ8VBjhXSnVjqeU31ad_6Jbl4_7G66fsArabk3Guq6CVUhYS0mYWzbets3yzzSL6w7dTnmmDD-N8A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=328123490&pi=t.aa~a.2368139338~rp.4&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=1&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250%2C324x250&nras=4&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=cbCYTR0pxm&p=https%3A//all-news.co&dtd=39
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C77 179 KB
56 KB 1687ms
1686ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 06:46:36 GMT

GET
H3 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame 6C77 33 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9E2D 0
105 B 207ms
93ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIldLsmq1RxIA7SrwWd5h4w&google_cver=1&google_push=AaAOQGEV6dg8_1kaXtCSJJnfa805ECnJShjcj9GbEaTtGZIb5mXGY44k7fhHtk7mGkIXCM-aztppDPOvDA4tRxCRWRjd2tuCZtzEhaY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3026534217&pi=t.aa~a.3633471688~rp.1&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250&nras=3&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Qk35iY2qD7&p=https%3A//all-news.co&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E2D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEIBwgZwXxY-FM6WZKv1l3U&google_cver=1&google_push=AaAOQGH2tIL-Rj3aho2EVbOoXHG_ojjAEXLbaQj92LxLV_EOCZP_NJSYZv4KMGxH9qlB4f8g5ZUlgzDpZqzZWABv...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH2tIL-Rj3aho2EVbOoXHG_ojjAEXLbaQj92LxLV_EOCZP_NJSYZv4KMGxH9qlB4f8g5ZUlgzDpZqzZWABv-T4O0R4hiM3GpPs

170 B
188 B

52ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH2tIL-Rj3aho2EVbOoXHG_ojjAEXLbaQj92LxLV_EOCZP_NJSYZv4KMGxH9qlB4f8g5ZUlgzDpZqzZWABv-T4O0R4hiM3GpPs

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 03 Jul 2023 06:46:35 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x9 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH2tIL-Rj3aho2EVbOoXHG_ojjAEXLbaQj92LxLV_EOCZP_NJSYZv4KMGxH9qlB4f8g5ZUlgzDpZqzZWABv-T4O0R4hiM3GpPs
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 03 Jul 2023 06:46:34 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9E2D 70 B
265 B 186ms
57ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENHG9mx4kigWbZjn9jgbxW8&google_cver=1&google_push=AaAOQGF_Y0D9AcnlmsYRhRncNit4HEyr5d8W0e0Bcaz4ISRjm6QiwwHRp9-FBuWgEZod5wDzC94dF8AHMXJzsosU4r1dqQOOBUCgUGE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3026534217&pi=t.aa~a.3633471688~rp.1&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250&nras=3&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Qk35iY2qD7&p=https%3A//all-news.co&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E2D
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECPAvJeqRLGwKgcw0YJ0SJU&google_cver=1&google_push=AaAOQGEOwqYJISgttdh-BHa7EsE8hFlI6VNwp7zPnD_IXg8sWEmOBykH3S4I8Xcug-x4DeYMAl0dCK1kfgZ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEOwqYJISgttdh-BHa7EsE8hFlI6VNwp7zPnD_IXg8sWEmOBykH3S4I8Xcug-x4DeYMAl0dCK1kfgZRGtjo5Xdwp8IjbNRF5g&google_hm=96APXYDSQvW7PAAdCS...

170 B
188 B

62ms
61ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEOwqYJISgttdh-BHa7EsE8hFlI6VNwp7zPnD_IXg8sWEmOBykH3S4I8Xcug-x4DeYMAl0dCK1kfgZRGtjo5Xdwp8IjbNRF5g&google_hm=96APXYDSQvW7PAAdCS_QwGk

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:34 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEOwqYJISgttdh-BHa7EsE8hFlI6VNwp7zPnD_IXg8sWEmOBykH3S4I8Xcug-x4DeYMAl0dCK1kfgZRGtjo5Xdwp8IjbNRF5g&google_hm=96APXYDSQvW7PAAdCS_QwGk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 9E2D 0
175 B 139ms
46ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDXP-rYi1XxQcNUYNAsVvUc&google_cver=1&google_push=AaAOQGE5SqXLh4ha4Ad61rEMKHZSN2Vyy1c-nU9eTdNo2Cgzd5gINyuahRYZdGezBF1cFu48zH_QevEiBCBmGIlJL0zwusOMBOcmUcU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3026534217&pi=t.aa~a.3633471688~rp.1&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250&nras=3&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Qk35iY2qD7&p=https%3A//all-news.co&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 9E2D 0
99 B 142ms
49ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAaAOQGEvPK7JW0ByN03xcyh_snjFwEbVvXTLYUk6iYrfumRBhEk7YI6-zKiqcnym__6sMDAGKBeTE1fyFQnR9wHvuZnuuOfp6sYWIZ8&google_gid=CAESEIHY6L2Tie2K5XITKHTBOVo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2431131745&adf=3026534217&pi=t.aa~a.3633471688~rp.1&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250&nras=3&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=4701&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Qk35iY2qD7&p=https%3A//all-news.co&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E2D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHa5qaC2XaYhpj5c1Gf0cx0&google_cver=1&google_push=AaAOQGH6SuefHS2GGvgYH1rO8tAZd0yXYX-zTVaoIiXWNmfQfDUctbTdiPYhWDXsqNfjfUGFjC6S3yCcGK39...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH6SuefHS2GGvgYH1rO8tAZd0yXYX-zTVaoIiXWNmfQfDUctbTdiPYhWDXsqNfjfUGFjC6S3yCcGK39ubkCQWNOcISX48yuRHQ

170 B
188 B

51ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH6SuefHS2GGvgYH1rO8tAZd0yXYX-zTVaoIiXWNmfQfDUctbTdiPYhWDXsqNfjfUGFjC6S3yCcGK39ubkCQWNOcISX48yuRHQ

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH6SuefHS2GGvgYH1rO8tAZd0yXYX-zTVaoIiXWNmfQfDUctbTdiPYhWDXsqNfjfUGFjC6S3yCcGK39ubkCQWNOcISX48yuRHQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9E2D 0
12 B 52ms
52ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvHAGfuF4JXEvSMcEA49jmsxCtZWxjabvC8H4Ev-0EWnv-WfD3PsK1Fc-slhKRovQkujs_

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EAD6
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDWvxFSGilK_JqDoaGRbDLQ&google_cver=1&google_push=AaAOQGGvEBldKJGuxM0FsAQd8jOQWWA2FTjBqHOig5tIu1pHEniN78MpYpJ2anBdw3YrzM5pfwxdawrPXBQDMKEdrFE67I7FPigz10E
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU4NTk5Nzg3Nzc2NzMyMzAzMw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDWvxFSGilK_JqDoaGRbDLQ&google_cver=1

43 B
398 B

80ms
45ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDWvxFSGilK_JqDoaGRbDLQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=328123490&pi=t.aa~a.2368139338~rp.4&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=1&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250%2C324x250&nras=4&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=cbCYTR0pxm&p=https%3A//all-news.co&dtd=39
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDWvxFSGilK_JqDoaGRbDLQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAD6
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TnhYcGFpemgxUWdka3U1&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&google_cver=1&google_push=AaAOQGGaIXQlHdmOpExjrRMc1T7ohUZ3Bqq1VTQrdAWIZqa...

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TnhYcGFpemgxUWdka3U1&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&google_cver=1&google_push=AaAOQGGaIXQlHdmOpExjrRMc1T7ohUZ3Bqq1VTQrdAWIZqaL8Pwjg8wcrnrUjY-sA9PdOqYTKxIHkdj_jIYG9lVDpSVXBbXbbZxKLKc

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 06:46:34 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0afa2568184f9f5d2@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TnhYcGFpemgxUWdka3U1&google_gid=CAESEAHSTZLcsBddLNyE-W2EFWE&google_cver=1&google_push=AaAOQGGaIXQlHdmOpExjrRMc1T7ohUZ3Bqq1VTQrdAWIZqaL8Pwjg8wcrnrUjY-sA9PdOqYTKxIHkdj_jIYG9lVDpSVXBbXbbZxKLKc
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame EAD6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEInDxqQJwao9-lI7uKB7Kbc&google_cver=1&google_push=AaAOQGGL0zhou8Y99PC915CurAXh4BdON-m5YIbdkM5flMPuBvJlU0HxwJ1cMIc1CQptL0LTmXxa2DwSxptzyYXed8VwEtnPC0cc9...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEInDxqQJwao9-lI7uKB7Kbc&google_cver=1&google_push=AaAOQGGL0zhou8Y99PC915CurAXh4BdON-m5YIbdkM5flMPuBvJlU0HxwJ1cMIc1CQptL0LTmXxa2DwSxptzyYXed8VwEtnPC0c...

43 B
412 B

252ms
243ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEInDxqQJwao9-lI7uKB7Kbc&google_cver=1&google_push=AaAOQGGL0zhou8Y99PC915CurAXh4BdON-m5YIbdkM5flMPuBvJlU0HxwJ1cMIc1CQptL0LTmXxa2DwSxptzyYXed8VwEtnPC0cc9TM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGL0zhou8Y99PC915CurAXh4BdON-m5YIbdkM5flMPuBvJlU0HxwJ1cMIc1CQptL0LTmXxa2DwSxptzyYXed8VwEtnPC0cc9TM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=328123490&pi=t.aa~a.2368139338~rp.4&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=1&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250%2C324x250&nras=4&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=cbCYTR0pxm&p=https%3A//all-news.co&dtd=39
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e0d2c17bc203605-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 130
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEInDxqQJwao9-lI7uKB7Kbc&google_cver=1&google_push=AaAOQGGL0zhou8Y99PC915CurAXh4BdON-m5YIbdkM5flMPuBvJlU0HxwJ1cMIc1CQptL0LTmXxa2DwSxptzyYXed8VwEtnPC0cc9TM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGL0zhou8Y99PC915CurAXh4BdON-m5YIbdkM5flMPuBvJlU0HxwJ1cMIc1CQptL0LTmXxa2DwSxptzyYXed8VwEtnPC0cc9TM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e0d2c167ae63605-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAD6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM9OHcus5s40KOaCzIipz_U&google_push=AaAOQGFwaSxx0IN_o0xEZPuPUMxL38azOwPqLHk5J97gdY452jNTHSGt23...

170 B
188 B

55ms
55ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM9OHcus5s40KOaCzIipz_U&google_push=AaAOQGFwaSxx0IN_o0xEZPuPUMxL38azOwPqLHk5J97gdY452jNTHSGt23JM20uqncgf07r408bnR5-fXS3g9UPO4HdthjvMo0XpNQ

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230059-FRA
pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688366795.278271,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM9OHcus5s40KOaCzIipz_U&google_push=AaAOQGFwaSxx0IN_o0xEZPuPUMxL38azOwPqLHk5J97gdY452jNTHSGt23JM20uqncgf07r408bnR5-fXS3g9UPO4HdthjvMo0XpNQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame EAD6 70 B
266 B 144ms
56ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENHG9mx4kigWbZjn9jgbxW8&google_cver=1&google_push=AaAOQGFVR5yq7F1QX3zn9zU3WLenx37hW1WwoioE96fbc8WYgmgz4Tr1tv3gJGSX_BLNRkjOmPI1q5Iu9BL60NBtqH9uz8_N5VAdZw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=1350285722&adf=328123490&pi=t.aa~a.2368139338~rp.4&daaos=1688356995313&w=324&fwrn=4&fwrnh=100&lmt=1688366794&rafmt=1&to=qs&pwprc=3183826420&format=324x250&url=https%3A%2F%2Fall-news.co%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688366794250&bpp=1&bdt=2659&idt=1&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D182c2e4f124ca100-2292f9f881e200a4%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA&gpic=UID%3D00000c9089d920e7%3AT%3D1688366792%3ART%3D1688366792%3AS%3DALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg&prev_fmts=0x0%2C1200x280%2C1068x280%2C300x250%2C324x250&nras=4&correlator=8202577943988&frm=20&pv=1&ga_vid=1994013733.1688366793&ga_sid=1688366793&ga_hid=2111396073&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075665%2C44788441&oid=2&psts=ABnkTfBvi4GVheisbB2nWFOBT-ZF6SrIZO_xVcCvxMbn9H0vo1LTq0w84g9VBW7VWj09ONfJa4lo2PYNe3tvv8UNaRpEPA%2CABnkTfDCEygF5cpkXaLMrqytl30NbByBFiQhmsdz1kLwxoCbzb4qETw_DhKAfdz4RLlVIYn87bJNMbJvtT7dYBGqsoDxoW3b&pvsid=4099821538070399&tmod=1305401359&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=cbCYTR0pxm&p=https%3A//all-news.co&dtd=39
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAD6
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESED1MUDEY4dBJ7Jknp3hMR3I&google_cver=1&google_push=AaAOQGEy4nsM3J5fVF6OLPlHRdFsLh7J7Tp9ltL_Gy09Qcmvl5V7KFvYFL_KmDshfcHhAS1wPhgH_7VuAmNGrS...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTQ4MDE2ODE4ODQ3NTU0Mg%3D%3D&google_push=AaAOQGEy4nsM3J5fVF6OLPlHRdFsLh7J7Tp9ltL_Gy09Qcmvl5V7KFvYFL_KmDshfcHhAS1wPhgH_7VuAmNGrSwI1_...

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTQ4MDE2ODE4ODQ3NTU0Mg%3D%3D&google_push=AaAOQGEy4nsM3J5fVF6OLPlHRdFsLh7J7Tp9ltL_Gy09Qcmvl5V7KFvYFL_KmDshfcHhAS1wPhgH_7VuAmNGrSwI1_lS5DhypoCtafo

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTQ4MDE2ODE4ODQ3NTU0Mg%3D%3D&google_push=AaAOQGEy4nsM3J5fVF6OLPlHRdFsLh7J7Tp9ltL_Gy09Qcmvl5V7KFvYFL_KmDshfcHhAS1wPhgH_7VuAmNGrSwI1_lS5DhypoCtafo
Date: Mon, 03 Jul 2023 06:46:35 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAD6
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEA9iUq3MzPhasO5b1NElKDo&google_cver=1&google_push=AaAOQGFv1oqABVulpHLJkIG04bEjEJgrSTx2NamA2uhM6JRwBMtXpflEmyZYeO3uW8Dy3mqcUu8bGQIYucK15QUE...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pBgWCu4rShGSj1LJsUj1AA2&google_push=AaAOQGFv1oqABVulpHLJkIG04bEjEJgrSTx2NamA2uhM6JRwBMtXpflEmyZYeO3uW8Dy3mqcUu8bGQIYucK15QUENOismNeTQNiYBzY

170 B
188 B

52ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pBgWCu4rShGSj1LJsUj1AA2&google_push=AaAOQGFv1oqABVulpHLJkIG04bEjEJgrSTx2NamA2uhM6JRwBMtXpflEmyZYeO3uW8Dy3mqcUu8bGQIYucK15QUENOismNeTQNiYBzY

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Jul 2023 06:46:35 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pBgWCu4rShGSj1LJsUj1AA2&google_push=AaAOQGFv1oqABVulpHLJkIG04bEjEJgrSTx2NamA2uhM6JRwBMtXpflEmyZYeO3uW8Dy3mqcUu8bGQIYucK15QUENOismNeTQNiYBzY
x-host: tde-deliveryengine-production-7c97bc8457-hxjj8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EAD6 0
12 B 59ms
49ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqDC4z9nWscwCd-9Oydbe6juXZBqVEoO38GQ0uWigiUzxSCZiSuxMIxqdRpA9nRZ0f23Fk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:46:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 6C77 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce241f39b0e48d3645500b9a1aa72cad71670d069c3579ede44cd9bbb9a31b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230627&jk=4099821538070399&bg=!2dql2o7NAAb90kgr3dI7ADkAdvg8WjnnLFwh-_Y9ytQCwEcbQKKJ2pXbpbqJ8YbyxvXR6Xs7sHJWjqkKtZHMy-WSLzLJKd-cVzcCAAAAbVIAAAADaAEHCgCuI4jdpfOF83LuXnFy9C6WbXG_aGwX9rW9tJQK6NvceDCPwFM_J68xgnBZluYF9lo5DySfgonwg0_jrjrj1zr1eq_iFY875ZUVNG0lx3HfqIJL827yYFMi8adA9BhMG_3669OIlD5a-fy4aHaGQqMVtH9VrWoUs0OBYaBFzFgQQy5fcTcfuB9PbHM0g9HncMMG7I7cWu_8rqVGeE5X6omyimabTzsNtiPXvJT8dXGrmQKj2yQ3YQf2y231gZlEnsnTkZozIIzWrCgc3gKdCch8FpYiiQ3r8Jv8_F-fbHGowqk6jZUOJMS7h5t7_cdyJ35mX99xu2l9WI53CMKGf55wDHUCsivURTsum51JvoHGtspdNwrY-t_p8vd8WJDmyoDq1eItCCryVVmVSIHQQobpX3zn1FaOjZcfFe7mJOxspcqIDXbU4CosJh1rs3OS4_2gs_-ErGIjJeedGWv5K8cSNrwXNdtqe86OdgQd41AoPLj_64AZwiLKY3rAzWcj1Gi18ZqmkwfVklGkF-kK30AoaqAhshyxVE6QSgnRAoRLgiqN_9opyl2CtO04NmRDXmrstBEs4Zebh2Bu-tJNUE6SgmXJpd6Z0nCwzEY_cZhmj7LXqco7mRoy6fIyH7VT4FaRBPffSt4qZiTVwdWsdQxxBej7dbgpZGtR2rU_Cv8rlWRLkI3bur4MtdCW1_M3Ukh2FqshUHr-lF8g_L9HbPBWvMXD-pYcSCEx8v1lQxw99fUXdZ1puiJZMOBkQaflEXT36q2VQ4mElHaICsYuUoVFMgPw5kSFet0ru8KW8bKTSmxVWEBbopwb4u5UQ05wI5giBI6xCGwMXxYlooZeg1gntdVkpt0tJPUXUBG04RHGTIw4UdPsnSnLFejb0h04j6O0M_u7q-stgJm3mg087jZ79Uypz2By39Igbc9uTLZD3Zbae2cPA_XQ-5FknV2Kb1d7QWykUcnIO2UhFP0vnm5EPkJzl_z17JfUMNvqfxK-sfIzD51aYr6GLLoGV1gsKjk5tEhhiut7zZfWgNbnNBGNNGdalu0xSq-j21CFak7pVFUt17LOMowzlDt_7hE6E8jecHgz4ptXTDRMcHIZBAVolhrM9WWqu37DEL_wr9etmKGY1cdx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame C4CB 38 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 20:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jul 2024 20:00:55 GMT

GET
H3 200 rP2Hp2yn6lkG50LoCZOIHQ.woff2
fonts.gstatic.com/s/satisfy/v17/ Frame E0CC 22 KB
22 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/satisfy/v17/rP2Hp2yn6lkG50LoCZOIHQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Satisfy%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 23:41:46 GMT
x-content-type-options: nosniff
age: 457490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22652
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:12:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 23:41:46 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/57166423561449945/ Frame D6FE 11 KB
11 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/57166423561449945/14763004658117789537?w=400&h=209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc6102ba352da7974c112b223ab0c4081f9941348468f0346dd8a7f6d32c6a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:51:25 GMT
x-content-type-options: nosniff
age: 431711
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11615
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 15:02:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Jun 2024 06:51:25 GMT

GET
DATA 200
OK truncated
/ Frame D6FE 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D6FE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D6FE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a08d2526eadcccad418aebfc57b32ec3d57c479d549a42d9a2f7ce73c776bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 957C 38 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 20:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jul 2024 20:00:55 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/57166423561449945/ Frame 1E51 11 KB
11 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/57166423561449945/14763004658117789537?w=400&h=209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc6102ba352da7974c112b223ab0c4081f9941348468f0346dd8a7f6d32c6a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:51:25 GMT
x-content-type-options: nosniff
age: 431711
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11615
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 15:02:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Jun 2024 06:51:25 GMT

GET
DATA 200
OK truncated
/ Frame 1E51 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E51 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E51 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1a52d386355ab19a28e35e65badb00ba844839a0005afa08221f73e529e1616

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F3F 38 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 20:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jul 2024 20:00:55 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame CA1D 38 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 20:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jul 2024 20:00:55 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1B96 33 KB
33 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 02:43:59 GMT
x-content-type-options: nosniff
age: 100957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jul 2024 02:43:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1E51 0
19 B 85ms
85ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqSAvyG6iZKDMI62k9u8Pr8WQiA2bzb6icYmZhpfvEbTvzsOCNRABIMzT7IIBYJWCgICYB6ABv5-wzSjIAQmpAu_gaZ0_TbI-qAMByAPLBKoEyQFP0DRXboa5t16rAe3AT_sMvN_b9zw34vINoFQgF9znl8W_aemc8UmYVtJ7rJQn8rX9N-rGlhtwDejjDDglcnTc5ykFMc3cgvvMLmA-1mH97VP8CVVxXnpNGNFWHyGe_pa97kL6ZjuoJNXfWNGfbKpPf78fug6JGawD5NvqkTJT7LLVmmvDP3yx2kXQ3q74okTxe_EKOdlEY3vGCabIEnlT7p23p9eRKtvrRz-djTXVwkJYhxUoWicoGuiZ_T1LusVgOMBvFSlVc6LABMnT6dSbBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe_14CtA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKSiFdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=vRmmd3AV4Ik&uach_m=[UACH]&cid=CAQSGwBygQiDEugRwixqhm5Q2hmpYfZXYDOL215HGhgB&template_id=5000&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 06:46:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D6FE 0
19 B 84ms
84ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyV7ayG6iZKHMI62k9u8Pr8WQiA2bzb6icYmZhpfvEZG72f-TDhABIMzT7IIBYJWCgICYB6ABv5-wzSjIAQmpAu_gaZ0_TbI-qAMByAPLBKoEyQFP0NsLutunL7i3TpdQT5kc0Rqz0R9g7Kpg0FFd0ZR1txPyqn6uq2K5lzhbcUFj7tPhT8DIYAda_R-t1M4CbGCq40QXGuuyi7IM6ujKUy8rWD467vALfI1ZTq5lC0rzR8SUHA9gTlbKMFpSvm09tfWx9FL8ufi255n06a_dvSMxhwWbC-NTrv9uS0t2UB2gB5ndRyOyT76qm7VvchyvITNFEySeVPfXHuSapZzUnHzF-g258brgrUiIsVAr-A91m523BHyhOMvcPjTABMnT6dSbBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe_14CtA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEN-QFtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=K_a1h6wqfeE&uach_m=[UACH]&cid=CAQSGwBygQiDEugRwixqhm5Q2hmpYfZXYDOL215HGhgB&template_id=5000&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 06:46:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame D8EC 38 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 20:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jul 2024 20:00:55 GMT

GET
H3 200 rP2Hp2yn6lkG50LoCZOIHQ.woff2
fonts.gstatic.com/s/satisfy/v17/ Frame 6C77 22 KB
22 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/satisfy/v17/rP2Hp2yn6lkG50LoCZOIHQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Satisfy%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 23:41:46 GMT
x-content-type-options: nosniff
age: 457490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22652
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:12:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 23:41:46 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 8119 38 KB
14 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 20:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jul 2024 20:00:55 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 14DE 38 KB
14 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 20:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jul 2024 20:00:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D217 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRlKhFLeEbmNmUujWGZIRyYXSUAliB9EPsTkaUIckt2T0EsKXgzltBgPYhvmwXwV_qcaP-KIS8GfWe1HGReNnuhc7sBQ4u6AC2dsXmAJZOyHjRedIjhnRDhgrJst3JXBpJwePMG_b98uyj&sai=AMfl-YQybHxZBFAECuOdgDtdrXCkCvrfjMYYzGqYldmqz2XAdM0TmMu-xQOeWBx0SHQoCbaHoi4wN83i3ZYX&sig=Cg0ArKJSzMLVwhpIUu4MEAE&cid=CAQSGwBygQiDEugRwixqhm5Q2hmpYfZXYDOL215HGhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688366794375&rpt=2394&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 06:46:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame D6FE 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 1E51 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWJa-NFFBm2eesYCB9pwpQkU2DlJdvWF8fDtybFLfhQ3h6WdnzTpU_D_OW1lXJlZPB-TCEC5XEYGNQ_HJZR0xPcqj3rCiUKmbzS_Q9LUWtKZlpxG9tiOvHPnyk-wYBvrFpjNSS8Md7DlKN&sai=AMfl-YRiOWnlXE22DZm77GeKUugaldcN-HlxRazMmPUhvvJYaftaIIG9CUw3K4bbyLQjnBJQwHb2TPqcR89d&sig=Cg0ArKJSzCOiZ7nLc4mKEAE&cid=CAQSGwBygQiDEugRwixqhm5Q2hmpYfZXYDOL215HGhgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688366794373&rpt=2527&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnpFyhi0NFsi7G9z3-YOi6O-5Z8FGSTvWUw4JyYoLawwy4C8HNjNur-zxdb6JREP32_R1YNvq8BHNQ9N9_aeRhsaODtsDakrO7pM9CdX1HDCpn5y4uCcsr3-fqeSbrVBw4OM8q8KXNGGJR&sai=AMfl-YSodchcE1QhOj9MELMtMmF5wG25KmrCBeWBVyY5QIK1-wntoSYuq4Btm5UIHRdx_G6ywHH5o2mHwnIo&sig=Cg0ArKJSzCHnRbAluUAoEAE&cid=CAQSGwBygQiDEugRwixqhm5Q2hmpYfZXYDOL215HGhgB&id=lidar2&mcvt=1002&p=0,0,600,200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688366794371&rpt=2562&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

230 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
all-news.co/	1970-01-20 13:05:26	Name: PHPSSIDDD2 Value: NHjVMaoxCG7B4eX
.all-news.co/	1970-01-20 22:21:02	Name: __gads Value: ID=182c2e4f124ca100-2292f9f881e200a4:T=1688366792:RT=1688366792:S=ALNI_MZ4_G68GHKs95Yrngu6435Ci0JWLA
.all-news.co/	1970-01-20 22:21:02	Name: __gpi Value: UID=00000c9089d920e7:T=1688366792:RT=1688366792:S=ALNI_MYFm8rE7VujeQtF5Kzxg-fEMC4EEg
.doubleclick.net/	1970-01-20 22:21:02	Name: IDE Value: AHWqTUlX4mFaox2Lp22eUWHdwW9E9_Mjy6kbpJv0HEEzC555w19PmUrNhL4I8e06mjk
.doubleclick.net/	1970-01-20 12:59:27	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 12:59:30	Name: DSID Value: NO_DATA
at.bahn.de/	1970-01-20 15:09:02	Name: exactag_new_gk Value: 71dc2219149d4a0a8ee65f93ea859eab%7c01.09.2023+06%3a46%3a31
at.bahn.de/	1970-01-20 17:18:38	Name: exactag_new_uk Value: 6f568e4af46d42069a3622d6475cbdbc%7c
at.bahn.de/	1969-12-31 23:59:59	Name: session_session Value: e52cf476cb394214b7b927d0
.travelaudience.com/	1970-01-20 22:31:07	Name: _tracker Value: %7B%22UUID%22%3A%22A418160A-EE2B-4A11-928F-52C9B148F500%22%7D
.w55c.net/	1970-01-20 22:31:07	Name: wfivefivec Value: NxXpaizh1Qgdku5
.yahoo.com/	1970-01-20 21:45:24	Name: A3 Value: d=AQABBMpuomQCEDv6YGC_IYjc6VBBmtsefAgFEgEBAQHAo2SsZAAAAAAA_eMAAA&S=AQAAApeV03Yc8Ae_Guiz8uuHNr4
.w55c.net/	1970-01-20 13:42:38	Name: matchgoogle Value: 5
.bidswitch.net/	1970-01-20 21:45:02	Name: tuuid Value: abcbe252-355b-4e24-b42b-3abeedfd998e
.bidswitch.net/	1970-01-20 21:45:02	Name: c Value: 1688366795
.bidswitch.net/	1970-01-20 21:45:02	Name: tuuid_lu Value: 1688366795
.mathtag.com/	1970-01-20 13:42:38	Name: mt_mop Value: 4:1688366796
ads.travelaudience.com/	1970-01-20 22:31:07	Name: _tracker Value: %7B%22UUID%22%3A%22A418160A-EE2B-4A11-928F-52C9B148F500%22%7D
.blismedia.com/	1970-01-20 21:45:06	Name: b Value: 64A26ECBB5F28ABF3CD35EBFBLIS
.ctnsnet.com/	1970-01-20 21:45:02	Name: cid_f7a00f5d80d242f5bb3c001d092fd0c0 Value: 1
.ctnsnet.com/	1970-01-20 21:45:02	Name: gid_CAESECPAvJeqRLGwKgcw0YJ0SJU Value: 1
.adfarm1.adition.com/	1970-01-20 15:09:02	Name: UserID1 Value: 7251480168188475542
.sportradarserving.com/	1970-01-20 21:45:02	Name: zuuid Value: 476b729d-bec8-4c01-ad10-0084d845f5a0
.sportradarserving.com/	1970-01-20 21:45:02	Name: c Value: 1688366795
.sportradarserving.com/	1970-01-20 21:45:02	Name: zuuid_lu Value: 1688366795
.everesttech.net/	1970-01-20 21:45:02	Name: everest_g_v2 Value: g_surferid~ZKJuywAMHpDCYgAD
.sportradarserving.com/	1970-01-20 21:45:02	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 21:45:02	Name: zuuid_k_lu Value: 1688366795
.turn.com/	1970-01-20 17:18:38	Name: uid Value: 8585997877767323033
.tribalfusion.com/	1970-01-20 15:09:02	Name: ANON_ID Value: aAnseFqO2c8U2OqnvebI2OZdnBcDAdqDktCnUq8acCytyPeWbPZdXSt92Y1sXcNUVDRgCvrZaSKsx0HBVr3rwji

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAaAOQGEvPK7JW0ByN03xcyh_snjFwEbVvXTLYUk6iYrfumRBhEk7YI6-zKiqcnym__6sMDAGKBeTE1fyFQnR9wHvuZnuuOfp6sYWIZ8&google_gid=CAESEIHY6L2Tie2K5XITKHTBOVo&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
adservice.google.com
all-news.co
at.bahn.de
cm.g.doubleclick.net
csi.gstatic.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
id.rlcdn.com
m.media-amazon.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
rr1---sn-4g5lznls.googlevideo.com
s.tribalfusion.com
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
u4152507.ct.sendgrid.net
wms-na.amazon-adsystem.com
ws-na.amazon-adsystem.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z-na.amazon-adsystem.com
pagead2.googlesyndication.com
108.138.23.225
142.250.185.226
15.197.193.217
151.101.66.49
167.89.123.122
178.250.7.11
185.218.124.16
185.29.132.241
2001:4860:4802:32::3
2600:9000:2491:1c00:1d:d7f6:39d2:2dc1
2606:4700::6812:19ad
2a00:1450:4001:26::6
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:fa8:8806:13::1370
2a05:d018:d29:3602:90bf:1892:a2de:b1dc
3.124.223.95
34.96.105.8
35.186.193.173
35.190.0.66
35.244.174.68
46.228.164.11
5.189.131.58
51.38.120.206
52.28.152.8
52.58.132.185
52.84.221.76
52.94.225.95
52.94.230.46
85.114.159.93
85.14.248.91
009145af238e0de6bed8df118c9621b501a02dd9208e5ceabeb2c239e0edd47a
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
134b499f3f40452bb2eec57b46e59a648df46e15139fc58c09bec48f08ba24c6
1370903a1e242d482364b08f180e6add61f2f2b4abae8cfb0de855b56017cfb2
162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a
17dbd76ccd77a0e9449c1cef7c3163416ba54b22c0c49fb5284bfdb75e7d239a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1aea82d0591a7ba44f6716ceb8bf5d194f0753bfba0fa3271e518eea5ef9646c
27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03
28540892c6ab9c51d20214460a7f0c9e81a8f9150b7a8a71652ebb2b330ab5f4
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3451903cd80a7bb5b5eb6a902dcd609da4cc819cc07304bdee4778d4b3560298
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fa7e7901799ac3c52e22734f1538c614df5ae5830c711e41de50f70563259a4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf
5b7bec9e875b09a4d35719461e5e38f0f68e3286c71a0c5b69246b3127a985f7
5c1024f3f8b93b550f5e0b063bf4c107ff28fe56cfcb061a5b7e277b71194749
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dda8db38026fc522c7c017ba17bbf533be39a00cea07cbc1086f1537dce7272
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93
64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6a10516cb0733b476034a17688342c01f2cd0f42963c7fea64bd3cd775acfdcf
6c711e7939187c82f8ee963b72e8d9bb34338ee60be229dd0417527f57a1e8a1
6c7a8c17c712cababee2f574f796daf6a80a5cf17ccaa3e5a66633a477177bbd
710ecce066043e25a8a678a940ed0a0e459a7e880ff8d7f81ae3d409ccc71134
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
74d20e0505cc5f1bc83663fcc7d54363a39e37a98c325765f8c9905fceb4150f
7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7ce241f39b0e48d3645500b9a1aa72cad71670d069c3579ede44cd9bbb9a31b7
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
8a08d2526eadcccad418aebfc57b32ec3d57c479d549a42d9a2f7ce73c776bfa
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
911ed451c7c187ed81de2ac7c134b608693abafae184f6488cc72755d3b0982c
946f7fad6ed97da1cb407f76a77dc9a66deb85456af8d40b15d943f8111e7d36
95bd3a7fbbbdcfad4914d168384cd92f41e9279ad80ac78304f461e9ead5b214
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98560cdd17cd2337b7a4c4e44af1834e47b7dd882bdf1fcc77d2e1e39ee74f70
98e4daaeb16d7d977ca0aaba0659a8e742f08880e34cad86a5b49ed3fa1baf14
994c110a96a94e9d56b2cec48fa2eabc12b97087969fce6c9bcdbe780645ed51
99bc4fb81d1282923adcc0bdf46cd12990e228a1bb8ba0a2f0d66f0ee5cafc77
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c0ecdf3a722614af320f8f0acbe04c6f592eadf01e564c1f283f39fbc81748c
9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9
a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7d5cc5668183da8513bda282451f3d36281560114ea6002ec803afdf714829f
aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555
aadd32acef3aa8e5fd0919877d93e39c2830277aa3fdee6de13f54f85e4e9ae3
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab2bbe0aaf8ae214ac124443f3e3551961f6c98e998dac445e34c52f8b15ff79
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b130882d064ad243fb103f2186f910336480e0eb5537268ff3fee75ace91d1ed
b8939a0d5bea5bad9b1dc74928170d320b393615e282545b4e9e1ebcbffc1f28
bc6102ba352da7974c112b223ab0c4081f9941348468f0346dd8a7f6d32c6a80
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5
c0879a3df3840a18bcdacdd15efeb6193d4a5f858624c518e46685e083eea57e
c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8
c716a966a498965e20e2c400bf0c09baf0df757dfaaad25639f6177840d7b769
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287
cc5b6fcaf7eaae8c380b108f063ccefb76732635b02c7b5f751e91c29788966a
d10feec4f6e0bcf409f72ffcfbb2d43a4f3c0555f6f44a0a2adc42a0dfd951bc
d1a52d386355ab19a28e35e65badb00ba844839a0005afa08221f73e529e1616
d1dd0169b434cfd45487c8f200b463ec483f198db89e1880890386deaaa4c8bb
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d752d3e14feeac1c6650c25d23157868fa3a108d7160f0ab9ec5df5cd6611d4c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d79cff36a18744567498afd8c4372a01f47bbb8b9f1e59c4fa3bd04f914a4700
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de6d4227d7c2186856dc98c33eb45cf3b0e6cf946c5711f139b21e14cdf30479
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec367575135f1ebb53be5ee3cf83555574ae29a87d7cf77bfa33b514465d9259
eeced1d8cb05e0490197eca352ff09680161f09b254df3fca1acb8e98593a275
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f132a3b6e8c8de07e8491ce98f184a952823c139df20446f61a1a9daca060a49
f2033e9662cfecc74297b16102231936cd38d14d185fd87b7cb9155766896374
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9c6765a14b047701fda89d020fb1c88bd446a24ad8f58ea01f9d21505412369
febe969d3fcc4972c8d19abdd6d30e262650947851320eab3b7ce9a7de4023c2
ff34e1a6f4a8d6782d0535c0023ed3b0153d6ac20ea38f6298e3db9755b483aa

all-news.co Open in urlscan Pro 5.189.131.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

217 Requests

92 %HTTPS

41 %IPv6

30 Domains

40 Subdomains

28 IPs

6 Countries

6824 kBTransfer

10231 kBSize

30 Cookies

3 Outgoing links

Page URL History

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

all-news.co Open in urlscan Pro
5.189.131.58 Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

92 %
HTTPS

41 %
IPv6

30
Domains

40
Subdomains

28
IPs

6
Countries

6824 kB
Transfer

10231 kB
Size

30
Cookies

217 HTTP transactions
15 data transactions