news.google.com Open in urlscan Pro
172.217.18.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bd7f1ccc.d26218.cn/
Effective URL:
https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de
Submission Tags: falconsandbox
Submission: On October 15 via api (October 15th 2021, 7:10:28 am UTC) from US — Scanned from DE

Summary HTTP 71 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 71 HTTP transactions. The main IP is 172.217.18.110, located in United States and belongs to GOOGLE, US. The main domain is news.google.com.
TLS certificate: Issued by GTS CA 1C3 on September 13th 2021. Valid for: 2 months.

This is the only time news.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.21.57.75 104.21.57.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	172.217.18.110 172.217.18.110	15169 (GOOGLE) (GOOGLE)
18	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
8	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
26	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
10	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
2	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
1	172.253.120.157 172.253.120.157	15169 (GOOGLE) (GOOGLE)
71	8

1 104.21.57.75 (None, )

ASN13335 (CLOUDFLARENET, US)

bd7f1ccc.d26218.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.110 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f14.1e100.net

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.120.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wd-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googleusercontent.com lh3.googleusercontent.com	73 KB
26	gstatic.com www.gstatic.com fonts.gstatic.com ssl.gstatic.com	697 KB
16	google.com 1 redirects news.google.com play.google.com apis.google.com	390 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	doubleclick.net stats.g.doubleclick.net	460 B
1	d26218.cn bd7f1ccc.d26218.cn	1 KB
71	6

	Domain	Requested by
26	lh3.googleusercontent.com	news.google.com
17	www.gstatic.com	news.google.com www.gstatic.com
9	play.google.com
8	fonts.gstatic.com	news.google.com
6	news.google.com	1 redirects bd7f1ccc.d26218.cn
2	www.google-analytics.com	www.gstatic.com www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	apis.google.com	www.gstatic.com
1	ssl.gstatic.com	www.gstatic.com
1	bd7f1ccc.d26218.cn
71	10

This site contains links to these domains. Also see Links.

Domain
www.google.de
accounts.google.com
play.google.com
itunes.apple.com
support.google.com
policies.google.com
about.google
www.weather.com

Subject Issuer	Validity	Valid
*.news.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de
Frame ID: 1003317EB38F36E2B75DE10A75ADDC1C
Requests: 67 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Google News

Page URL History Show full URLs

http://bd7f1ccc.d26218.cn/ Page URL
https://news.google.com/ HTTP 302
https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

71
Requests

99 %
HTTPS

0 %
IPv6

6
Domains

10
Subdomains

8
IPs

2
Countries

1180 kB
Transfer

3602 kB
Size

6
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.de/intl/de/about/products?tab=nh

Search URL Search Domain Scan URL

URL: https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://news.google.com/topstories?hl%3Dde%26gl%3DDE%26ceid%3DDE:de&followup=https://news.google.com/topstories?hl%3Dde%26gl%3DDE%26ceid%3DDE:de&hl=de&ec=GAZAqgM
Title: Anmelden

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.google.android.apps.magazines&referrer=news.google.com?utm_source=web&utm_medium=menu&utm_campaign=side_menu_promotion
Title: Android-App herunterladen

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/DE/app/apple-store/id459182288?pt=9008&ct=Web%20Side%20Promotion&mt=8&l=de
Title: iOS-App herunterladen

Search URL Search Domain Scan URL

URL: https://support.google.com/googlenews?p=web&hl=de&authuser=0
Title: Hilfe

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=de
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=de
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://about.google/?hl=de
Title: Über Google

Search URL Search Domain Scan URL

URL: https://www.weather.com/wx/today/?lat=37.09&lon=-95.71&locale=en_US&par=google
Title: weather.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bd7f1ccc.d26218.cn/ Page URL
https://news.google.com/ HTTP 302
https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
bd7f1ccc.d26218.cn/ 650 B
1 KB 95ms
77ms Document
text/html 104.21.57.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bd7f1ccc.d26218.cn/
Protocol: HTTP/1.1
Server: 104.21.57.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: bd7f1ccc.d26218.cn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 15 Oct 2021 07:10:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMe3%2FcshXoDSSm9kqH2mxZQvdA14vDY2oPuiK4ehw0Y3YngrmSNl8diNl60m1wV0B9y4d6bSryQ%2BF8%2B7UoW0U%2Bx2TyFI4xBx2G9r5X8uaE6h1OKxOw0gEKPK59e5tOMsQFaZ9to%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 69e73a292d336904-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

Primary Request topstories Show response
news.google.com/
Redirect Chain

https://news.google.com/
https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

2 MB
304 KB

44ms
44ms

Document
text/html

172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Requested by

Host: bd7f1ccc.d26218.cn
URL: http://bd7f1ccc.d26218.cn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

ESF /

Resource Hash

dcd335c0cce47db4db073b2ef8dc11d4dd6d8a5e5e7c657e0536633302992e60

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport script-src 'report-sample' 'nonce-/NqOYlI63UD+tG7jWcfZ4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'nonce-/NqOYlI63UD+tG7jWcfZ4g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://maps.googleapis.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /topstories?hl=de&gl=DE&ceid=DE:de
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://bd7f1ccc.d26218.cn/
accept-encoding: gzip, deflate, br
cookie: NID=511=RSR9kfTf_yQHONzV57yyf-MqDc4XM9XGQfEXRmTQsWvdLmZIuVvpSi3uIyHeTZLoSzQ2Mvv13e0mnjN_tliMuGlpTg3TiYtH83JLbXWK2q3IUwIUZFSixmRddMMQFblBeVN1PDiWnkiuYhdo0R0SanVyiL0DZVGEV8-pBGgdP58; GN_PREF=W251bGwsIkNBSVNEQWpkMHFTTEJoRGdpOFgzQWciXQ__
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bd7f1ccc.d26218.cn/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 15 Oct 2021 07:10:21 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport script-src 'report-sample' 'nonce-/NqOYlI63UD+tG7jWcfZ4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'nonce-/NqOYlI63UD+tG7jWcfZ4g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://maps.googleapis.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 15 Oct 2021 07:10:21 GMT
location: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
content-security-policy: script-src 'report-sample' 'nonce-sAJAZUX+nlHeoDqsC3wqVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'nonce-sAJAZUX+nlHeoDqsC3wqVg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://maps.googleapis.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=RSR9kfTf_yQHONzV57yyf-MqDc4XM9XGQfEXRmTQsWvdLmZIuVvpSi3uIyHeTZLoSzQ2Mvv13e0mnjN_tliMuGlpTg3TiYtH83JLbXWK2q3IUwIUZFSixmRddMMQFblBeVN1PDiWnkiuYhdo0R0SanVyiL0DZVGEV8-pBGgdP58; expires=Sat, 16-Apr-2022 07:10:21 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none GN_PREF=W251bGwsIkNBSVNEQWpkMHFTTEJoRGdpOFgzQWciXQ__; Expires=Fri, 15-Apr-2022 19:10:21 GMT; Path=/; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 204 cspreport
news.google.com/_/DotsSplashUi/ 0
23 B 26ms
26ms Other
text/html 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/DotsSplashUi/cspreport

Requested by

Host: bd7f1ccc.d26218.cn
URL: http://bd7f1ccc.d26218.cn/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport script-src 'report-sample' 'nonce-F4N63FTrX7FPLUpbmpEXvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'nonce-F4N63FTrX7FPLUpbmpEXvQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://maps.googleapis.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: no-cors
origin: https://news.google.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: report
cookie: NID=511=RSR9kfTf_yQHONzV57yyf-MqDc4XM9XGQfEXRmTQsWvdLmZIuVvpSi3uIyHeTZLoSzQ2Mvv13e0mnjN_tliMuGlpTg3TiYtH83JLbXWK2q3IUwIUZFSixmRddMMQFblBeVN1PDiWnkiuYhdo0R0SanVyiL0DZVGEV8-pBGgdP58; GN_PREF=W251bGwsIkNBSVNEQWpkMHFTTEJoRGdpOFgzQWciXQ__
content-length: 498
:path: /_/DotsSplashUi/cspreport
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: news.google.com
referer: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 07:10:21 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport script-src 'report-sample' 'nonce-F4N63FTrX7FPLUpbmpEXvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'nonce-F4N63FTrX7FPLUpbmpEXvQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://maps.googleapis.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=n73qwf,UUJqVe,MpJwZc Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=_b,_tp/excm=_b,_tp,topstorie... 19 KB
7 KB 31ms
8ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=_b,_tp/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=n73qwf,UUJqVe,MpJwZc

Requested by

Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/am=fAQKNAABgA/d=1/excm=_b,_tp,topstories/ed=1/dg=0/wt=2/esmo=1/rs=ALs0n2PE5_-D_Rbt8fjeHdrZhASXHP_Gag/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

52975e4ddcdf7b4c909aec9ab482e068706261e071c26ce60c8823d8ace77738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6708
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 19:57:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
expires: Fri, 14 Oct 2022 17:30:22 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=MpJwZc,UUJqVe,_b,_tp,n73qwf/... 31 KB
11 KB 32ms
9ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=MpJwZc,UUJqVe,_b,_tp,n73qwf/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=byfTOb,lsjVmc,LEikZe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

07367e12cfb6e047f1aedca46c873dd35cf4dbf2153abc6f2e5520cd7d58e4ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11544
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 19:57:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
expires: Fri, 14 Oct 2022 17:30:22 GMT

GET
H2 200 m=ws9Tlc,IZT63,e5qFLc,O1Gjze,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,gkizLe,lwOjSb,ryNBp,JntzAe,CLDLad,FSc7tf,m9oV,mI3LFb,WO9ee,U4Hp0d,O6y8ed,PrPYRd,NwH0H,OmgaI,hT8rr,YV1Fke,lazG7b,... Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=LEikZe,MpJwZc,UUJqVe,_b,_tp,... 481 KB
160 KB 27ms
14ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=LEikZe,MpJwZc,UUJqVe,_b,_tp,byfTOb,lsjVmc,n73qwf/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=ws9Tlc,IZT63,e5qFLc,O1Gjze,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,gkizLe,lwOjSb,ryNBp,JntzAe,CLDLad,FSc7tf,m9oV,mI3LFb,WO9ee,U4Hp0d,O6y8ed,PrPYRd,NwH0H,OmgaI,hT8rr,YV1Fke,lazG7b,XVMNvd,L1AAkb,KUM7Z,lfpdyf,k3XnTe,fFdwef,duFQFc,s39S4,xsFqcf,lwddkf,gychg,w9hDv,RMhBfe,XGmYob,SdcwHb,aW3pY,PQaYAf,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,BeJYtf,fgj8Rb,I6YDgd,xQtZb,lPKSwe,MdUzUe,gJzDyc,JNoxi,SF88Ef,vH8gCd,yDVVkb,QIhFr,nYRqfb,CkDnH,RLw19,KG2eXe,hc6Ubd,SpsfSb,VwDzFe,UXJhUd,zthM6,zbML3c,A7fCU,Uas9Hd,BVgquf,H4RQsd,EBW0uc,eYnyH,oovi3d,thFYTd,mdR7q,MI6k7c,kjKdXe,MxVzvd,hep7xb,hKSk3e,pcJko,pjICDe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

8fb91289ac6cbc0b87f7a07c20eb302e3740cab20c7d218af9f3f40b6d953c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163281
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 19:57:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
expires: Fri, 14 Oct 2022 17:30:22 GMT

GET
H2 200 googlelogo_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ 2 KB
1 KB 12ms
7ms Image
image/svg+xml 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:48:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 729
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Oct 2022 03:48:51 GMT

GET
H2 200 pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v9/ 31 KB
31 KB 42ms
20ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/productsans/v9/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 15:49:32 GMT
x-content-type-options: nosniff
age: 400849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31568
x-xss-protection: 0
last-modified: Mon, 15 Aug 2016 20:30:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 15:49:32 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ 21 KB
21 KB 33ms
12ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 09:06:13 GMT
x-content-type-options: nosniff
age: 252248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 09:06:13 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v14/ 21 KB
21 KB 37ms
16ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 08:58:29 GMT
x-content-type-options: nosniff
age: 252712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21700
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:43:33 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:58:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 22ms
8ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 09:07:47 GMT
x-content-type-options: nosniff
age: 252154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 09:07:47 GMT

GET
H3 200 m=K99qY,GILUZe,Mq9n0c Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BeJYtf,CLDLad,C... 14 KB
4 KB 22ms
8ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EFQ78c,FSc7tf,H4RQsd,I6YDgd,IZT63,JNoxi,JntzAe,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,MpJwZc,MxVzvd,NwH0H,O1Gjze,O6y8ed,OmgaI,PQaYAf,PrPYRd,QIhFr,RLw19,RMhBfe,SF88Ef,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XGmYob,XVMNvd,YV1Fke,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,blwjVc,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,fgj8Rb,gJzDyc,gkizLe,gychg,hKSk3e,hT8rr,hc6Ubd,hep7xb,k3XnTe,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nYRqfb,oovi3d,pcJko,pjICDe,pw70Gc,ryNBp,s39S4,thFYTd,vH8gCd,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zbML3c,zthM6/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=K99qY,GILUZe,Mq9n0c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

a92a85a688127572f3fec3cb094764a05a9148e93f92dbc0865c190cb99745cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4258
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 19:57:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
expires: Fri, 14 Oct 2022 17:30:22 GMT

GET
H3 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 81 KB
29 KB 7ms
7ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=LEikZe,MpJwZc,UUJqVe,_b,_tp,byfTOb,lsjVmc,n73qwf/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=ws9Tlc,IZT63,e5qFLc,O1Gjze,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,gkizLe,lwOjSb,ryNBp,JntzAe,CLDLad,FSc7tf,m9oV,mI3LFb,WO9ee,U4Hp0d,O6y8ed,PrPYRd,NwH0H,OmgaI,hT8rr,YV1Fke,lazG7b,XVMNvd,L1AAkb,KUM7Z,lfpdyf,k3XnTe,fFdwef,duFQFc,s39S4,xsFqcf,lwddkf,gychg,w9hDv,RMhBfe,XGmYob,SdcwHb,aW3pY,PQaYAf,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,BeJYtf,fgj8Rb,I6YDgd,xQtZb,lPKSwe,MdUzUe,gJzDyc,JNoxi,SF88Ef,vH8gCd,yDVVkb,QIhFr,nYRqfb,CkDnH,RLw19,KG2eXe,hc6Ubd,SpsfSb,VwDzFe,UXJhUd,zthM6,zbML3c,A7fCU,Uas9Hd,BVgquf,H4RQsd,EBW0uc,eYnyH,oovi3d,thFYTd,mdR7q,MI6k7c,kjKdXe,MxVzvd,hep7xb,hKSk3e,pcJko,pjICDe

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

3921b650819f76cdd0c19c6cf1a36a8d995831373e8bfc8faa9db553cb633470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 07:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29407
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 15:38:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="product-feedback-gathering"
expires: Fri, 15 Oct 2021 07:54:27 GMT

GET
H3 200 m=VkjdHd Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BeJYtf,CLDLad,C... 2 KB
877 B 8ms
8ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EFQ78c,FSc7tf,GILUZe,H4RQsd,I6YDgd,IZT63,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,MpJwZc,Mq9n0c,MxVzvd,NwH0H,O1Gjze,O6y8ed,OmgaI,PQaYAf,PrPYRd,QIhFr,RLw19,RMhBfe,SF88Ef,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XGmYob,XVMNvd,YV1Fke,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,blwjVc,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,fgj8Rb,gJzDyc,gkizLe,gychg,hKSk3e,hT8rr,hc6Ubd,hep7xb,k3XnTe,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nYRqfb,oovi3d,pcJko,pjICDe,pw70Gc,ryNBp,s39S4,thFYTd,vH8gCd,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zbML3c,zthM6/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=VkjdHd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

aef37d7d73e1b534598eed07da5b3e47446300e934498002afa8ef90d529410e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 851
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 19:57:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
expires: Fri, 14 Oct 2022 17:30:22 GMT

GET
H3 200 m=g2JDKf Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BeJYtf,CLDLad,C... 6 KB
3 KB 8ms
8ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EFQ78c,FSc7tf,GILUZe,H4RQsd,I6YDgd,IZT63,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,MpJwZc,Mq9n0c,MxVzvd,NwH0H,O1Gjze,O6y8ed,OmgaI,PQaYAf,PrPYRd,QIhFr,RLw19,RMhBfe,SF88Ef,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VkjdHd,VwDzFe,WO9ee,XGmYob,XVMNvd,YV1Fke,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,blwjVc,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,fgj8Rb,gJzDyc,gkizLe,gychg,hKSk3e,hT8rr,hc6Ubd,hep7xb,k3XnTe,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nYRqfb,oovi3d,pcJko,pjICDe,pw70Gc,ryNBp,s39S4,thFYTd,vH8gCd,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zbML3c,zthM6/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=g2JDKf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

20dfe1ecf39f8bf59e5388e5de161493a943e53bfa3805f050f5dbf389cd1fff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2570
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 19:57:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
expires: Fri, 14 Oct 2022 17:30:22 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 23ms
9ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:25 GMT
x-content-type-options: nosniff
age: 332397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 10:50:25 GMT

GET
H3 200 kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v109/ 142 KB
142 KB 25ms
12ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsextended/v109/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

885e2be527e74dd8cbc26f3832b6b96618a7cd25ff7560d26fb8607bfec95dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 13:30:58 GMT
x-content-type-options: nosniff
age: 149964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145308
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:06:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 13:30:58 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 20ms
7ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 17:44:12 GMT
x-content-type-options: nosniff
age: 221170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15436
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:12 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Oct 2022 17:44:12 GMT

GET
H2 200 qPxWsl_a_qZdMAb0kaODulr3_qqu43LgqteUebNI-QRI_IY0E7NF7WWlQgdBGdASM1EZpChznxzpf9Mu3PcKJCZ_--levx7ihR1XDY7zoqIpw6tklP5MP69B_Vu5SkiDueA=s0-w100-h100-rw-dcAaKIFLUF
lh3.googleusercontent.com/proxy/ 3 KB
3 KB 33ms
12ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/qPxWsl_a_qZdMAb0kaODulr3_qqu43LgqteUebNI-QRI_IY0E7NF7WWlQgdBGdASM1EZpChznxzpf9Mu3PcKJCZ_--levx7ihR1XDY7zoqIpw6tklP5MP69B_Vu5SkiDueA=s0-w100-h100-rw-dcAaKIFLUF

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

5cefc541d01931650ab86c1ec1e5736ef26bd20ffc204da5db7ae770b817d748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
server: fife
age: 7380
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2882
x-xss-protection: 0
expires: Sat, 16 Oct 2021 05:07:22 GMT

GET
H2 200 JDFOyo903E9WGstK0YhI2ZFOKR3h4qDxBngX5M8XJVBZFKzOBoxLmk3OVlgNw9SOE-HfkNgb=s0-w32-rw
lh3.googleusercontent.com/ 426 B
840 B 30ms
11ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/JDFOyo903E9WGstK0YhI2ZFOKR3h4qDxBngX5M8XJVBZFKzOBoxLmk3OVlgNw9SOE-HfkNgb=s0-w32-rw

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

a003fde7b0d85120664e37896f4f795fecf02289eeab274ab57b0e801db6242c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 05:51:14 GMT
x-content-type-options: nosniff
age: 4748
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 426
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 13:46:55 GMT

GET
H2 200 9mQ_Kq8Vv4NjOknPno_1OjCT4oV6v1UA201Sy2GUZMTL7RWHSHo6eX5orgz-26eFMRRBR4UdhTUqtCHfP9PnXgA2SZtJRpsB74PBiPWoUTDrg3PinYXzwubsF_7nZPqreMazQ-FmUpMl57O_sZVhI61AdW3l78x744ATyQ=s0-w100-h100-rw-dcgSSEqzkk0GaKanM
lh3.googleusercontent.com/proxy/ 5 KB
5 KB 11ms
9ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/9mQ_Kq8Vv4NjOknPno_1OjCT4oV6v1UA201Sy2GUZMTL7RWHSHo6eX5orgz-26eFMRRBR4UdhTUqtCHfP9PnXgA2SZtJRpsB74PBiPWoUTDrg3PinYXzwubsF_7nZPqreMazQ-FmUpMl57O_sZVhI61AdW3l78x744ATyQ=s0-w100-h100-rw-dcgSSEqzkk0GaKanM

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

c79684f71f9109707e2c2670d91c326ba8b6386a299182ad68cd4a6c86b64256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 04:00:52 GMT
x-content-type-options: nosniff
server: fife
age: 11370
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4648
x-xss-protection: 0
expires: Sat, 16 Oct 2021 04:00:52 GMT

GET
H2 200 Eoa66bkFSs0OWb3xJOGWrKC9sM7ZYU5-yYew70QBfAPdB0R010G374wgCKO-v07AL5kjiV6S2zWLo-wzucouxIRZAAeiIPIDn0c9t4ZcAfk-2qw7rsnpuJlvNwiuKQb-QowQ8_VlOnZ5KAqa0u37AExcDzRxk2L2RUx_B3dLbhjIScRvhCjjUKWjOpoQtaR_iHpP1...
lh3.googleusercontent.com/proxy/ 3 KB
3 KB 12ms
11ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/Eoa66bkFSs0OWb3xJOGWrKC9sM7ZYU5-yYew70QBfAPdB0R010G374wgCKO-v07AL5kjiV6S2zWLo-wzucouxIRZAAeiIPIDn0c9t4ZcAfk-2qw7rsnpuJlvNwiuKQb-QowQ8_VlOnZ5KAqa0u37AExcDzRxk2L2RUx_B3dLbhjIScRvhCjjUKWjOpoQtaR_iHpP1i0So-HKTl-EtLmvF36IT_knPWgJTPP8JHUAuckE1zNVQyDopTfS14DvBT1-rEb03D4Ped3qRjvBb1Kvtw=s0-w100-h100-rw-dcgWOKUa0G

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

7a3d71427a43c9eb6f1e030f9206c17382143ccaf96db1d7fc2094e09b538f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 06:27:24 GMT
x-content-type-options: nosniff
server: fife
age: 2578
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3104
x-xss-protection: 0
expires: Sat, 16 Oct 2021 06:27:24 GMT

GET
H2 200 VxoPHM6-Cd-ffdpRhyQsmGGO4eLKzHM63si2WZd7QNcCVoqmGDYph_et9I0IIjbF0qaINnTk-iAc2XLSeKI-8DWFzJLZKKs52AepCkJZR98rTLKVO7uvhAynD2_h0jb-S2QP3gd3tm5KYGOrVVZhLJF8e31-mqDTmgImPUo0xhFD6sF4tGvQS1Pfq5w=s0-w100-h...
lh3.googleusercontent.com/proxy/ 3 KB
3 KB 13ms
12ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/VxoPHM6-Cd-ffdpRhyQsmGGO4eLKzHM63si2WZd7QNcCVoqmGDYph_et9I0IIjbF0qaINnTk-iAc2XLSeKI-8DWFzJLZKKs52AepCkJZR98rTLKVO7uvhAynD2_h0jb-S2QP3gd3tm5KYGOrVVZhLJF8e31-mqDTmgImPUo0xhFD6sF4tGvQS1Pfq5w=s0-w100-h100-rw-dcAaGM87QlsXEB

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

41574cd9b464c157d301d4ee987c1c13a7d69cedc984aec0c3c4b169e3c005af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 06:13:01 GMT
x-content-type-options: nosniff
server: fife
age: 3441
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3042
x-xss-protection: 0
expires: Sat, 16 Oct 2021 06:13:01 GMT

GET
H3 200 b2vudIoljvvNgyyHAlwOn8CFF6I3sH3PmKgDY3_dbOF-ue_bJZZp1TAqMKkRFhxWsoA8hTJ5v0i9kg8NXaODaUQ1_yOpvhyceXsGnvIKPNO8istDYhwkEveVlS7nmxnqBJ40yd3xc4c41mpfB5htx_f3aDt74_7WrJ58ZA2f16sLlDN0n6mmPQ=s0-w100-h100-r...
lh3.googleusercontent.com/proxy/ 5 KB
5 KB 25ms
9ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/b2vudIoljvvNgyyHAlwOn8CFF6I3sH3PmKgDY3_dbOF-ue_bJZZp1TAqMKkRFhxWsoA8hTJ5v0i9kg8NXaODaUQ1_yOpvhyceXsGnvIKPNO8istDYhwkEveVlS7nmxnqBJ40yd3xc4c41mpfB5htx_f3aDt74_7WrJ58ZA2f16sLlDN0n6mmPQ=s0-w100-h100-rw-dcMVSCziUI

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

cb168f15c5bdb0dde8ea6032e9ce135d85b080c8ae8f91ec0ca095243a6c086b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 04:05:58 GMT
x-content-type-options: nosniff
server: fife
age: 11064
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4728
x-xss-protection: 0
expires: Sat, 16 Oct 2021 04:05:58 GMT

GET
H3 200 z0CMgedJerstx9LEK-P7cEdR_CV0IH8b3VAnZ03iKFalGNQi6UqRJl2z3r70mzbRFYf9XeINZqBEIUh8o16C8wOvb-kxGDIKTwo9GNizRTvnhHeCeIfW3zYVa9nVNR9u=s0-w100-h100-rw-dcDTGWppwJ
lh3.googleusercontent.com/proxy/ 3 KB
4 KB 25ms
9ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/z0CMgedJerstx9LEK-P7cEdR_CV0IH8b3VAnZ03iKFalGNQi6UqRJl2z3r70mzbRFYf9XeINZqBEIUh8o16C8wOvb-kxGDIKTwo9GNizRTvnhHeCeIfW3zYVa9nVNR9u=s0-w100-h100-rw-dcDTGWppwJ

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

206f1f0104c10a76fab01cf233023ed16b414676dda309392a18adcc0749cc6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 03:15:10 GMT
x-content-type-options: nosniff
server: fife
age: 14112
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3562
x-xss-protection: 0
expires: Sat, 16 Oct 2021 03:15:10 GMT

GET
H3 200 12TkzFtGfb7mBwHdwyDUmZkyQZjoMOa7NtSYZEbejCF4aXCKQwoGDRh0NEEBJQXN8__Q9XsvSqZPSRfhJ50B6XD7B7t9EqYIiomqoObcXZW5QSXmnfy5tTzNijmr3tYHR03hFCCEkV_l=s0-w56-h56-rw-dcFUKIiKJoPUkC
lh3.googleusercontent.com/proxy/ 2 KB
2 KB 15ms
12ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/12TkzFtGfb7mBwHdwyDUmZkyQZjoMOa7NtSYZEbejCF4aXCKQwoGDRh0NEEBJQXN8__Q9XsvSqZPSRfhJ50B6XD7B7t9EqYIiomqoObcXZW5QSXmnfy5tTzNijmr3tYHR03hFCCEkV_l=s0-w56-h56-rw-dcFUKIiKJoPUkC

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

5ba76e08c8810ee6154d0a57d9588043df22eb03dfafd8c258042c1dc349e56a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 04:32:34 GMT
x-content-type-options: nosniff
server: fife
age: 9468
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2348
x-xss-protection: 0
expires: Sat, 16 Oct 2021 04:32:34 GMT

GET
H3 200 d9MkIyZwwGUPH0dExoph2D6eu8E-1fb1TAtCOBuh3kKuL5QVf80zFK2TGa88zchD7FcqzLINCHg9waHCA08PPk0Xt5v7-UDqWvPDR-YZPD076PI02rlOozC6h5Ot7kZ_I50aAshXWZPMSSOpeSE8heOaQd3_euQqZPxQIGTjDIk-xdJ4WURGEKnyPyet8CrxJtnSs...
lh3.googleusercontent.com/proxy/ 1 KB
1 KB 13ms
11ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/d9MkIyZwwGUPH0dExoph2D6eu8E-1fb1TAtCOBuh3kKuL5QVf80zFK2TGa88zchD7FcqzLINCHg9waHCA08PPk0Xt5v7-UDqWvPDR-YZPD076PI02rlOozC6h5Ot7kZ_I50aAshXWZPMSSOpeSE8heOaQd3_euQqZPxQIGTjDIk-xdJ4WURGEKnyPyet8CrxJtnSsTGM85oTbYdebohospfWuSe2p5n6JimD1TMHmE8Tn3aJ=s0-w56-h56-rw-dcgSGE1ZjouNUA

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

5f24b386022c45f994e0f398061ca31c865755eb1f5611e281bdb9ed01025d63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 07:08:06 GMT
x-content-type-options: nosniff
server: fife
age: 136
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
expires: Sat, 16 Oct 2021 07:08:06 GMT

GET
H3 200 7YPBKz1PiCUMeVn4VPh3U2I_SEMUMuMn1gPFV3EEUItENqunOAcXhWxJHKBcXahoBlFqFCTdMK4zgH_UwtwFOtqMT3ltiW5dOhhbYIs=s0-w56-h56-rw-dcqVWSzSUI
lh3.googleusercontent.com/proxy/ 3 KB
3 KB 13ms
12ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/7YPBKz1PiCUMeVn4VPh3U2I_SEMUMuMn1gPFV3EEUItENqunOAcXhWxJHKBcXahoBlFqFCTdMK4zgH_UwtwFOtqMT3ltiW5dOhhbYIs=s0-w56-h56-rw-dcqVWSzSUI

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

8eaec744ab8c2ed5aa9dd20c8b7f2460309aafdda3c2e925171d3408332cf570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 05:35:45 GMT
x-content-type-options: nosniff
server: fife
age: 5677
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2810
x-xss-protection: 0
expires: Sat, 16 Oct 2021 05:35:45 GMT

GET
H3 200 e1KpgcpciL-UJbgOHg-2SBfkaxiCWeEEVQmDqv2l11N9GBLe1X1-corBWRJpNY13g6aevNO9JdoLBUeg7LJFf-u3TfQOqGGZpI1vIge1xpSIpM9ez2-OXrEBYjTXzH7RHbQsB7UYR-BkR_T5Go8u3IbXnzobbWL45mbeDVQWl026DA=s0-w56-h56-rw-dcHUSScC0H
lh3.googleusercontent.com/proxy/ 2 KB
2 KB 15ms
13ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/e1KpgcpciL-UJbgOHg-2SBfkaxiCWeEEVQmDqv2l11N9GBLe1X1-corBWRJpNY13g6aevNO9JdoLBUeg7LJFf-u3TfQOqGGZpI1vIge1xpSIpM9ez2-OXrEBYjTXzH7RHbQsB7UYR-BkR_T5Go8u3IbXnzobbWL45mbeDVQWl026DA=s0-w56-h56-rw-dcHUSScC0H

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

92fb8490854f76158950d1b373fe6345d6a132677c2d71fad61a10737526165d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 04:25:27 GMT
x-content-type-options: nosniff
server: fife
age: 9895
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1790
x-xss-protection: 0
expires: Sat, 16 Oct 2021 04:25:27 GMT

GET
H3 200 EazEseRQv3YZIQlwi_lBPtynkn0QGVCHCFRPtRT38o0OgI45pYF6R7n1BLLaFspcC9OKkfcJwFInG2QVwJibm2tupe67BDuq4UEaB7xQMPZs31Q48d2R0NB4EEtVygyQcNQgdOIGi6ES6iJv6EvDpoU_tJ6gzfgVwQTf1D3R-YCx-gYy0tokEKkmDpnmobpnXdCCt...
lh3.googleusercontent.com/proxy/ 2 KB
2 KB 14ms
12ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/EazEseRQv3YZIQlwi_lBPtynkn0QGVCHCFRPtRT38o0OgI45pYF6R7n1BLLaFspcC9OKkfcJwFInG2QVwJibm2tupe67BDuq4UEaB7xQMPZs31Q48d2R0NB4EEtVygyQcNQgdOIGi6ES6iJv6EvDpoU_tJ6gzfgVwQTf1D3R-YCx-gYy0tokEKkmDpnmobpnXdCCtT8gUXYXO1jUMe5BprFWh3qes6rHgWcih99XCqhfGA-9hH1VduE79O1O8VyTtDwPNkI1n0DAqayPH2MxewuCKXzZp9WLeB7zYQOEoJUWf45QLOMLYg5fsCL_nSjZ=s0-w56-h56-rw-dcAQCOxZAF

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

673da956cf35b3de4907f0f274ddacc80fdf498297b82d288081857858e6e445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 04:51:52 GMT
x-content-type-options: nosniff
server: fife
age: 8310
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1874
x-xss-protection: 0
expires: Sat, 16 Oct 2021 04:51:52 GMT

GET
H3 200 gltRR7kZ7ZSdULy-ehY1RRqQJBxolvrW7cgOE6TagluYSlmsBBYOCmIMYqsqMDb8uYTZ8LzTx7sNNgsZ7dsslPiDI0I4J00BP8d8HZ2T=s0-w56-h56-rw-dcyWCGtqgG
lh3.googleusercontent.com/proxy/ 1 KB
1 KB 14ms
12ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/gltRR7kZ7ZSdULy-ehY1RRqQJBxolvrW7cgOE6TagluYSlmsBBYOCmIMYqsqMDb8uYTZ8LzTx7sNNgsZ7dsslPiDI0I4J00BP8d8HZ2T=s0-w56-h56-rw-dcyWCGtqgG

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

17de91306fef5c8273bab068dae37d697fcd9f0b741b125e331f1684599ff232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 06:16:39 GMT
x-content-type-options: nosniff
server: fife
age: 3223
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1318
x-xss-protection: 0
expires: Sat, 16 Oct 2021 06:16:39 GMT

GET
H3 200 5j4l3Jv1fKpxcfiloYbyBOMbXPD4fQtta4KoJXTxqmcqxsbm8ylQKCcE-GLIPYkU7fH9pVn1R-MNhf0BQ6qTk5ShAU2npTpUyUUBcCyrtoDsjakyJ_kpnTHQc9v6qEoROkfG_lE=s0-w56-h56-rw-dcgVKM5KKnTK0B
lh3.googleusercontent.com/proxy/ 3 KB
3 KB 14ms
13ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/5j4l3Jv1fKpxcfiloYbyBOMbXPD4fQtta4KoJXTxqmcqxsbm8ylQKCcE-GLIPYkU7fH9pVn1R-MNhf0BQ6qTk5ShAU2npTpUyUUBcCyrtoDsjakyJ_kpnTHQc9v6qEoROkfG_lE=s0-w56-h56-rw-dcgVKM5KKnTK0B

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

b5eb8ab8c1f64c05cb870eda8f2f64b5a9f111cba8cde29f6566f011d434611b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 06:28:23 GMT
x-content-type-options: nosniff
server: fife
age: 2519
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2562
x-xss-protection: 0
expires: Sat, 16 Oct 2021 06:28:23 GMT

GET
H3 200 Ft9dPi38Xlk3KnwH-mmjcA4LJuvt7IDDQv_pJuM_9iymEaUwTMgK0gSC3rs3YkJ68ooDFPFhurR63GXZT1D9iqPcrBRPH-eKiUI0enq1PyHDvQtPdY6J9FcFBN0S8n_qQgM=s0-w56-h56-rw-dcDWAG
lh3.googleusercontent.com/proxy/ 2 KB
2 KB 13ms
12ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/Ft9dPi38Xlk3KnwH-mmjcA4LJuvt7IDDQv_pJuM_9iymEaUwTMgK0gSC3rs3YkJ68ooDFPFhurR63GXZT1D9iqPcrBRPH-eKiUI0enq1PyHDvQtPdY6J9FcFBN0S8n_qQgM=s0-w56-h56-rw-dcDWAG

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

80a5788d64c5224c555f9e4180fc11cc282a7194ddf47df34160e30042716872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 06:31:07 GMT
x-content-type-options: nosniff
server: fife
age: 2355
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2366
x-xss-protection: 0
expires: Sat, 16 Oct 2021 06:31:07 GMT

GET
H3 200 m=p8L0ob,jxZhU,Ru0Pgb,hECoeb Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BeJYtf,CLDLad,C... 12 KB
5 KB 10ms
9ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EFQ78c,FSc7tf,GILUZe,H4RQsd,I6YDgd,IZT63,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,MpJwZc,Mq9n0c,MxVzvd,NwH0H,O1Gjze,O6y8ed,OmgaI,PQaYAf,PrPYRd,QIhFr,RLw19,RMhBfe,SF88Ef,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VkjdHd,VwDzFe,WO9ee,XGmYob,XVMNvd,YV1Fke,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,blwjVc,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,fgj8Rb,g2JDKf,gJzDyc,gkizLe,gychg,hKSk3e,hT8rr,hc6Ubd,hep7xb,k3XnTe,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nYRqfb,oovi3d,pcJko,pjICDe,pw70Gc,ryNBp,s39S4,thFYTd,vH8gCd,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zbML3c,zthM6/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=p8L0ob,jxZhU,Ru0Pgb,hECoeb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

6c64e26b2aa5d0470f969d97cbf82d9c26d00f2ab58316fa5bb1dd759a9872b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5453
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 19:57:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
expires: Fri, 14 Oct 2022 17:35:41 GMT

GET
H3 200 m=dPwZPd,a4N6Ae,Whpzpe,OmccEb,a6pq1,EGNJFf,NG09oe,NKIqxb,phD5td,MIIQB,SM1lmd,hpnRI,E8sThf,Jkqotb,qHgWl,pNpd4d,Hjkoe,BZ12ub,DVmNNd,o8u3Cf,VP4VG,HyhIue,pQWkX,w1EBhc,d7KRCb,MRcHif,WDTLsd,uOVaAc,jSvZHb Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BeJYtf,CLDLad,C... 255 KB
83 KB 8ms
8ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EFQ78c,FSc7tf,GILUZe,H4RQsd,I6YDgd,IZT63,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,MpJwZc,Mq9n0c,MxVzvd,NwH0H,O1Gjze,O6y8ed,OmgaI,PQaYAf,PrPYRd,QIhFr,RLw19,RMhBfe,Ru0Pgb,SF88Ef,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VkjdHd,VwDzFe,WO9ee,XGmYob,XVMNvd,YV1Fke,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,blwjVc,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,fgj8Rb,g2JDKf,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,jxZhU,k3XnTe,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nYRqfb,oovi3d,p8L0ob,pcJko,pjICDe,pw70Gc,ryNBp,s39S4,thFYTd,vH8gCd,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zbML3c,zthM6/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=dPwZPd,a4N6Ae,Whpzpe,OmccEb,a6pq1,EGNJFf,NG09oe,NKIqxb,phD5td,MIIQB,SM1lmd,hpnRI,E8sThf,Jkqotb,qHgWl,pNpd4d,Hjkoe,BZ12ub,DVmNNd,o8u3Cf,VP4VG,HyhIue,pQWkX,w1EBhc,d7KRCb,MRcHif,WDTLsd,uOVaAc,jSvZHb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

9468dace0d0f0c302ea15d7adac73dd5442c87d5679f1bd7c7997a66625006b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85095
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 19:57:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
expires: Fri, 14 Oct 2022 17:35:06 GMT

OPTIONS
H2 200 log
play.google.com/ 0
0 35ms
14ms Preflight
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 15 Oct 2021 07:10:22 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 log Show response
play.google.com/ 131 B
152 B 97ms
56ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 15 Oct 2021 07:10:22 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

GET
H3 200 4GCSI6B--yjlKUrYJTjkMOqoeAdHDcB5_yNEhc8Yt7KPYvLxtY89cZGMZW50VkIaiemmtu6MWhX-ZS0K9ET7DpJ348ZMpsfNpmqHhVWSwsZTs4cE3xAjhQZXHpRbGQ=s0-w56-h56-rw-dcLbKEjrEE
lh3.googleusercontent.com/proxy/ 4 KB
4 KB 8ms
7ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/4GCSI6B--yjlKUrYJTjkMOqoeAdHDcB5_yNEhc8Yt7KPYvLxtY89cZGMZW50VkIaiemmtu6MWhX-ZS0K9ET7DpJ348ZMpsfNpmqHhVWSwsZTs4cE3xAjhQZXHpRbGQ=s0-w56-h56-rw-dcLbKEjrEE

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

22904c61ee813e8259530031378a199b4a6b174e9e495dee516b31a958a3207d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 06:33:04 GMT
x-content-type-options: nosniff
server: fife
age: 2238
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3632
x-xss-protection: 0
expires: Sat, 16 Oct 2021 06:33:04 GMT

GET
H3 200 yFD8LQI8th8rNjDYTbeR1Uf2khpke_naRYDkJxJXE55VbHnF8Q9IU2nmtGuxgNTrzM1RKsr8jKAuPClYZGiMZ9_vIBpQdUVRHfAFsCiMfeyyUa6gEYJ8-y9GBk5YAGlERUKlyW8-WVV-t15KFiOyqt9JuylTAQ=s0-w56-h56-rw-dcFSKA9mDimocC
lh3.googleusercontent.com/proxy/ 2 KB
2 KB 8ms
8ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/yFD8LQI8th8rNjDYTbeR1Uf2khpke_naRYDkJxJXE55VbHnF8Q9IU2nmtGuxgNTrzM1RKsr8jKAuPClYZGiMZ9_vIBpQdUVRHfAFsCiMfeyyUa6gEYJ8-y9GBk5YAGlERUKlyW8-WVV-t15KFiOyqt9JuylTAQ=s0-w56-h56-rw-dcFSKA9mDimocC

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

4264c89a857674e632e7fa7647f3904b6b90eda5ba53bac9dcf9db10a40ef8d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 05:14:06 GMT
x-content-type-options: nosniff
server: fife
age: 6976
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2122
x-xss-protection: 0
expires: Sat, 16 Oct 2021 05:14:06 GMT

POST
H3 200 v Show response
news.google.com/_/ 9 B
62 B 22ms
21ms XHR
text/plain 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/v

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

ESF /

Resource Hash

a5fa5e00257df5e71ac464446b02c3904507e173448b29b84f602ab1c46b377c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Av1Bhe574XeFbM44L3SdCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'nonce-Av1Bhe574XeFbM44L3SdCA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://maps.googleapis.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
origin: https://news.google.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: NID=511=RSR9kfTf_yQHONzV57yyf-MqDc4XM9XGQfEXRmTQsWvdLmZIuVvpSi3uIyHeTZLoSzQ2Mvv13e0mnjN_tliMuGlpTg3TiYtH83JLbXWK2q3IUwIUZFSixmRddMMQFblBeVN1PDiWnkiuYhdo0R0SanVyiL0DZVGEV8-pBGgdP58; GN_PREF=W251bGwsIkNBSVNEQWpkMHFTTEJoRGdpOFgzQWciXQ__
content-length: 7
:path: /_/v
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded;charset=UTF-8
accept: */*
cache-control: no-cache
:authority: news.google.com
referer: https://news.google.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

content-security-policy: script-src 'report-sample' 'nonce-Av1Bhe574XeFbM44L3SdCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'nonce-Av1Bhe574XeFbM44L3SdCA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://maps.googleapis.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
date: Fri, 15 Oct 2021 07:10:22 GMT
strict-transport-security: max-age=31536000
content-type: text/plain; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=dAR81,A4UTCb,qAKInc,VXdfxd,zbPkme,iSvg6e,S9Bhuc,tOLjce,SpTAFc,MfVatf,ZHduwf Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BZ12ub,BeJYtf,C... 23 KB
7 KB 7ms
7ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BZ12ub,BeJYtf,CLDLad,COQbmf,CkDnH,DVmNNd,E8sThf,EBW0uc,EFQ78c,EGNJFf,FSc7tf,GILUZe,H4RQsd,Hjkoe,HyhIue,I6YDgd,IZT63,JNoxi,Jkqotb,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MIIQB,MRcHif,MdUzUe,MpJwZc,Mq9n0c,MxVzvd,NG09oe,NKIqxb,NwH0H,O1Gjze,O6y8ed,OmccEb,OmgaI,PQaYAf,PrPYRd,QIhFr,RLw19,RMhBfe,Ru0Pgb,SF88Ef,SM1lmd,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VP4VG,VkjdHd,VwDzFe,WDTLsd,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,ZfAoz,ZwDk9d,_b,_tp,a4N6Ae,a6pq1,aW3pY,aurFic,blwjVc,byfTOb,d7KRCb,dPwZPd,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,fgj8Rb,g2JDKf,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,hpnRI,jSvZHb,jxZhU,k3XnTe,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nYRqfb,o8u3Cf,oovi3d,p8L0ob,pNpd4d,pQWkX,pcJko,phD5td,pjICDe,pw70Gc,qHgWl,ryNBp,s39S4,thFYTd,uOVaAc,vH8gCd,w1EBhc,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zbML3c,zthM6/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=dAR81,A4UTCb,qAKInc,VXdfxd,zbPkme,iSvg6e,S9Bhuc,tOLjce,SpTAFc,MfVatf,ZHduwf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

673ae8017da4045e2d00ec184c35a4da33811e2563b036ebeffb774c687e95b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7075
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 19:57:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
expires: Fri, 14 Oct 2022 17:30:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
6ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EFQ78c,FSc7tf,GILUZe,H4RQsd,I6YDgd,IZT63,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,MpJwZc,Mq9n0c,MxVzvd,NwH0H,O1Gjze,O6y8ed,OmgaI,PQaYAf,PrPYRd,QIhFr,RLw19,RMhBfe,SF88Ef,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VkjdHd,VwDzFe,WO9ee,XGmYob,XVMNvd,YV1Fke,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,blwjVc,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,fgj8Rb,g2JDKf,gJzDyc,gkizLe,gychg,hKSk3e,hT8rr,hc6Ubd,hep7xb,k3XnTe,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nYRqfb,oovi3d,pcJko,pjICDe,pw70Gc,ryNBp,s39S4,thFYTd,vH8gCd,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zbML3c,zthM6/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=p8L0ob,jxZhU,Ru0Pgb,hECoeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 1405
date: Fri, 15 Oct 2021 06:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 15 Oct 2021 08:46:57 GMT

GET
H3 200 rs=AA2YrTsv3hCOYjFRSsPPOakqQhgpvDAQ4g Show response
www.gstatic.com/og/_/js/k=og.qtm.en_US.b4D5rO29AOM.O/rt=j/m=q_dnp,q_sf,qmd,qcwid,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/ 103 KB
37 KB 8ms
8ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/js/k=og.qtm.en_US.b4D5rO29AOM.O/rt=j/m=q_dnp,q_sf,qmd,qcwid,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/rs=AA2YrTsv3hCOYjFRSsPPOakqQhgpvDAQ4g

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

f3f33d597f5f05c8363d19b277ec2a87ad4353e75240246ecdc474ae13a655b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 08:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38061
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 01:39:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="one-google-eng"
expires: Thu, 13 Oct 2022 08:30:34 GMT

GET
H3 200 rs=AA2YrTtpwNfv2IuA3ry4lBhfUBS967007g
www.gstatic.com/og/_/ss/k=og.qtm.YZSfabyutes.L.W.O/m=q_sf,qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/ct=zgms/ 3 KB
857 B 8ms
7ms Stylesheet
text/css 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/ss/k=og.qtm.YZSfabyutes.L.W.O/m=q_sf,qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTtpwNfv2IuA3ry4lBhfUBS967007g

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

8a15c4f725bbaee1e2f802b4a98fdbe7bb194b4eaa2e483e10202b71038aecda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 831
x-xss-protection: 0
last-modified: Sat, 09 Oct 2021 01:46:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="one-google-eng"
expires: Tue, 11 Oct 2022 14:43:41 GMT

GET
H3 200 lottie_light.js Show response
ssl.gstatic.com/external_hosted/lottie/ 145 KB
35 KB 24ms
24ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/external_hosted/lottie/lottie_light.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A7fCU,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EFQ78c,FSc7tf,GILUZe,H4RQsd,I6YDgd,IZT63,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,MpJwZc,Mq9n0c,MxVzvd,NwH0H,O1Gjze,O6y8ed,OmgaI,PQaYAf,PrPYRd,QIhFr,RLw19,RMhBfe,Ru0Pgb,SF88Ef,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VkjdHd,VwDzFe,WO9ee,XGmYob,XVMNvd,YV1Fke,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,blwjVc,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,fgj8Rb,g2JDKf,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,jxZhU,k3XnTe,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nYRqfb,oovi3d,p8L0ob,pcJko,pjICDe,pw70Gc,ryNBp,s39S4,thFYTd,vH8gCd,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zbML3c,zthM6/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=dPwZPd,a4N6Ae,Whpzpe,OmccEb,a6pq1,EGNJFf,NG09oe,NKIqxb,phD5td,MIIQB,SM1lmd,hpnRI,E8sThf,Jkqotb,qHgWl,pNpd4d,Hjkoe,BZ12ub,DVmNNd,o8u3Cf,VP4VG,HyhIue,pQWkX,w1EBhc,d7KRCb,MRcHif,WDTLsd,uOVaAc,jSvZHb

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

5f6c6c88f646afcae961eeba23c721d488fa1c3cc1596f6bdcc9d216d523ad0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 07:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35947
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Oct 2021 07:10:22 GMT

POST
H3 200 batchexecute Show response
news.google.com/_/DotsSplashUi/data/ 182 KB
47 KB 55ms
55ms XHR
application/json 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/DotsSplashUi/data/batchexecute?rpcids=xBjcpf&f.sid=-3130877269291430088&bl=boq_dotssplashserver_20211012.13_p0&hl=de&gl=DE&soc-app=140&soc-platform=1&soc-device=1&_reqid=25823&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

ESF /

Resource Hash

2ad0b32f360e1d030aa6c709d003758cf5336b7ef8dfc07dbee9397de4e4a22f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
x-same-domain: 1
origin: https://news.google.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: NID=511=RSR9kfTf_yQHONzV57yyf-MqDc4XM9XGQfEXRmTQsWvdLmZIuVvpSi3uIyHeTZLoSzQ2Mvv13e0mnjN_tliMuGlpTg3TiYtH83JLbXWK2q3IUwIUZFSixmRddMMQFblBeVN1PDiWnkiuYhdo0R0SanVyiL0DZVGEV8-pBGgdP58; GN_PREF=W251bGwsIkNBSVNEQWpkMHFTTEJoRGdpOFgzQWciXQ__
content-length: 387
:path: /_/DotsSplashUi/data/batchexecute?rpcids=xBjcpf&f.sid=-3130877269291430088&bl=boq_dotssplashserver_20211012.13_p0&hl=de&gl=DE&soc-app=140&soc-platform=1&soc-device=1&_reqid=25823&rt=c
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded;charset=UTF-8
accept: */*
cache-control: no-cache
:authority: news.google.com
referer: https://news.google.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
X-Same-Domain: 1
Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 15 Oct 2021 07:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 log
play.google.com/ 0
0 32ms
17ms Preflight
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 15 Oct 2021 07:10:22 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 m=UfW3Hd Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A4UTCb,A7fCU,BVgquf,BZ12ub,B... 712 B
463 B 8ms
8ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A4UTCb,A7fCU,BVgquf,BZ12ub,BeJYtf,CLDLad,COQbmf,CkDnH,DVmNNd,E8sThf,EBW0uc,EFQ78c,EGNJFf,FSc7tf,GILUZe,H4RQsd,Hjkoe,HyhIue,I6YDgd,IZT63,JNoxi,Jkqotb,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MIIQB,MRcHif,MdUzUe,MfVatf,MpJwZc,Mq9n0c,MxVzvd,NG09oe,NKIqxb,NwH0H,O1Gjze,O6y8ed,OmccEb,OmgaI,PQaYAf,PrPYRd,QIhFr,RLw19,RMhBfe,Ru0Pgb,S9Bhuc,SF88Ef,SM1lmd,SdcwHb,SpTAFc,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VP4VG,VXdfxd,VkjdHd,VwDzFe,WDTLsd,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,ZHduwf,ZfAoz,ZwDk9d,_b,_tp,a4N6Ae,a6pq1,aW3pY,aurFic,blwjVc,byfTOb,d7KRCb,dAR81,dPwZPd,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,fgj8Rb,g2JDKf,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,hpnRI,iSvg6e,jSvZHb,jxZhU,k3XnTe,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nYRqfb,o8u3Cf,oovi3d,p8L0ob,pNpd4d,pQWkX,pcJko,phD5td,pjICDe,pw70Gc,qAKInc,qHgWl,ryNBp,s39S4,tOLjce,thFYTd,uOVaAc,vH8gCd,w1EBhc,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zbML3c,zbPkme,zthM6/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=UfW3Hd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

3bcc7c9abbeb7376e294863204e07258e5e2af2c403f2e5a8a37b0b4c81ae960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 433
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 19:57:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
expires: Fri, 14 Oct 2022 17:30:35 GMT

POST
H3 200 log Show response
play.google.com/ 131 B
152 B 31ms
27ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 15 Oct 2021 07:10:22 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hvE_rrhCzPE.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-98F2Gk-siNaIBZOtcWfXQWKdTpQ/ 105 KB
36 KB 28ms
7ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hvE_rrhCzPE.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-98F2Gk-siNaIBZOtcWfXQWKdTpQ/cb=gapi.loaded_0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.b4D5rO29AOM.O/rt=j/m=q_dnp,q_sf,qmd,qcwid,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtt/d=1/ed=1/rs=AA2YrTsv3hCOYjFRSsPPOakqQhgpvDAQ4g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

1540692f1d2608c1ed7dc523ce638eac9cfb25618aefcd011db034665acc1b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 07:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35766
x-xss-protection: 0
last-modified: Sun, 03 Oct 2021 15:13:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Sat, 15 Oct 2022 07:03:31 GMT

GET
H3 200 4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
fonts.gstatic.com/s/googlesans/v14/ 21 KB
21 KB 7ms
7ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/topstories?hl=de&gl=DE&ceid=DE:de

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

506ac8f1116da2a136f8d8a48a383339af3bedd7f16c0c90cd0a2f0b0cbd526c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 12:46:38 GMT
x-content-type-options: nosniff
age: 152624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21504
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:43:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 12:46:38 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
13ms XHR
text/plain 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=857877288&t=pageview&_s=1&dl=https%3A%2F%2Fnews.google.com%2Ftopstories&dr=http%3A%2F%2Fbd7f1ccc.d26218.cn%2F&ul=en-us&de=UTF-8&dt=Google%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1506858069&gjid=542089877&cid=1802909143.1634281823&tid=UA-115545151-2&_gid=1279611285.1634281823&_r=1&_slc=1&cd1=ANONYMOUS&z=2066644983

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 07:10:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=WxkY9 Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A4UTCb,A7fCU,BVgquf,BZ12ub,B... 5 KB
2 KB 10ms
7ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A4UTCb,A7fCU,BVgquf,BZ12ub,BeJYtf,CLDLad,COQbmf,CkDnH,DVmNNd,E8sThf,EBW0uc,EFQ78c,EGNJFf,FSc7tf,GILUZe,H4RQsd,Hjkoe,HyhIue,I6YDgd,IZT63,JNoxi,Jkqotb,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MIIQB,MRcHif,MdUzUe,MfVatf,MpJwZc,Mq9n0c,MxVzvd,NG09oe,NKIqxb,NwH0H,O1Gjze,O6y8ed,OmccEb,OmgaI,PQaYAf,PrPYRd,QIhFr,RLw19,RMhBfe,Ru0Pgb,S9Bhuc,SF88Ef,SM1lmd,SdcwHb,SpTAFc,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,UfW3Hd,Ulmmrd,V3dDOb,VP4VG,VXdfxd,VkjdHd,VwDzFe,WDTLsd,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,ZHduwf,ZfAoz,ZwDk9d,_b,_tp,a4N6Ae,a6pq1,aW3pY,aurFic,blwjVc,byfTOb,d7KRCb,dAR81,dPwZPd,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,fgj8Rb,g2JDKf,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,hpnRI,iSvg6e,jSvZHb,jxZhU,k3XnTe,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nYRqfb,o8u3Cf,oovi3d,p8L0ob,pNpd4d,pQWkX,pcJko,phD5td,pjICDe,pw70Gc,qAKInc,qHgWl,ryNBp,s39S4,tOLjce,thFYTd,uOVaAc,vH8gCd,w1EBhc,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zbML3c,zbPkme,zthM6/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=WxkY9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

823ca38906d6e0578eba50dda1509e93701b55fba4c746e05180571427a5c493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1933
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 19:57:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
expires: Fri, 14 Oct 2022 17:31:54 GMT

GET
H3 200 m=i5dxUd,bTi8wc,i5H9N,RAnnUd,PHUIyb,pxq3x,yRXbo,qNG0Fc,ywOR5c Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A4UTCb,A7fCU,BVgquf,BZ12ub,B... 97 KB
26 KB 7ms
7ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A4UTCb,A7fCU,BVgquf,BZ12ub,BeJYtf,CLDLad,COQbmf,CkDnH,DVmNNd,E8sThf,EBW0uc,EFQ78c,EGNJFf,FSc7tf,GILUZe,H4RQsd,Hjkoe,HyhIue,I6YDgd,IZT63,JNoxi,Jkqotb,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MIIQB,MRcHif,MdUzUe,MfVatf,MpJwZc,Mq9n0c,MxVzvd,NG09oe,NKIqxb,NwH0H,O1Gjze,O6y8ed,OmccEb,OmgaI,PQaYAf,PrPYRd,QIhFr,RLw19,RMhBfe,Ru0Pgb,S9Bhuc,SF88Ef,SM1lmd,SdcwHb,SpTAFc,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,UfW3Hd,Ulmmrd,V3dDOb,VP4VG,VXdfxd,VkjdHd,VwDzFe,WDTLsd,WO9ee,Whpzpe,WxkY9,XGmYob,XVMNvd,YV1Fke,ZHduwf,ZfAoz,ZwDk9d,_b,_tp,a4N6Ae,a6pq1,aW3pY,aurFic,blwjVc,byfTOb,d7KRCb,dAR81,dPwZPd,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,fgj8Rb,g2JDKf,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,hpnRI,iSvg6e,jSvZHb,jxZhU,k3XnTe,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nYRqfb,o8u3Cf,oovi3d,p8L0ob,pNpd4d,pQWkX,pcJko,phD5td,pjICDe,pw70Gc,qAKInc,qHgWl,ryNBp,s39S4,tOLjce,thFYTd,uOVaAc,vH8gCd,w1EBhc,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zbML3c,zbPkme,zthM6/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=i5dxUd,bTi8wc,i5H9N,RAnnUd,PHUIyb,pxq3x,yRXbo,qNG0Fc,ywOR5c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

ea19cdb3eabfc4a81934c011c14102c3857b3ae3ed27f20156720f708870fb0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26304
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 19:57:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
expires: Fri, 14 Oct 2022 17:31:54 GMT

OPTIONS
H3 200 log
play.google.com/ 0
0 14ms
13ms Preflight
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 15 Oct 2021 07:10:22 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 log Show response
play.google.com/ 131 B
152 B 53ms
53ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 15 Oct 2021 07:10:22 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
460 B 44ms
14ms XHR
text/plain 172.253.120.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-115545151-2&cid=1802909143.1634281823&jid=1506858069&gjid=542089877&_gid=1279611285.1634281823&_u=YEBAAEAAAAAAAC~&z=1490648386

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.120.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wd-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 15 Oct 2021 07:10:22 GMT
content-type: text/plain
access-control-allow-origin: https://news.google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A4UTCb,A7fCU,BVgquf,BZ12ub,B... 6 KB
3 KB 10ms
8ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_default_ms.de.yhaXZDhNMQI.es5.O/ck=boq-dots.DotsSplashUi_default_ms.MmPkNIY8yWQ.L.B1.O/am=fAQKNAABgA/d=1/exm=A4UTCb,A7fCU,BVgquf,BZ12ub,BeJYtf,CLDLad,COQbmf,CkDnH,DVmNNd,E8sThf,EBW0uc,EFQ78c,EGNJFf,FSc7tf,GILUZe,H4RQsd,Hjkoe,HyhIue,I6YDgd,IZT63,JNoxi,Jkqotb,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MIIQB,MRcHif,MdUzUe,MfVatf,MpJwZc,Mq9n0c,MxVzvd,NG09oe,NKIqxb,NwH0H,O1Gjze,O6y8ed,OmccEb,OmgaI,PHUIyb,PQaYAf,PrPYRd,QIhFr,RAnnUd,RLw19,RMhBfe,Ru0Pgb,S9Bhuc,SF88Ef,SM1lmd,SdcwHb,SpTAFc,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,UfW3Hd,Ulmmrd,V3dDOb,VP4VG,VXdfxd,VkjdHd,VwDzFe,WDTLsd,WO9ee,Whpzpe,WxkY9,XGmYob,XVMNvd,YV1Fke,ZHduwf,ZfAoz,ZwDk9d,_b,_tp,a4N6Ae,a6pq1,aW3pY,aurFic,bTi8wc,blwjVc,byfTOb,d7KRCb,dAR81,dPwZPd,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,fgj8Rb,g2JDKf,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,hpnRI,i5H9N,i5dxUd,iSvg6e,jSvZHb,jxZhU,k3XnTe,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,nYRqfb,o8u3Cf,oovi3d,p8L0ob,pNpd4d,pQWkX,pcJko,phD5td,pjICDe,pw70Gc,pxq3x,qAKInc,qHgWl,qNG0Fc,ryNBp,s39S4,tOLjce,thFYTd,uOVaAc,vH8gCd,w1EBhc,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,yRXbo,ywOR5c,zbML3c,zbPkme,zthM6/excm=_b,_tp,topstories/esmo=1/ed=1/wt=2/rs=ALs0n2MoATIYenEWHcbvBP9CF_ijS5Wztw/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

530489d5ae5759b761429ca640dea82d42195a5430df7fc51ccbf806ecf95c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2929
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 19:57:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
expires: Fri, 14 Oct 2022 17:31:54 GMT

POST
H3 200 log Show response
play.google.com/ 131 B
152 B 27ms
27ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 15 Oct 2021 07:10:22 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

GET
H3 200 JDFOyo903E9WGstK0YhI2ZFOKR3h4qDxBngX5M8XJVBZFKzOBoxLmk3OVlgNw9SOE-HfkNgb=w32-rw
lh3.googleusercontent.com/ 426 B
451 B 7ms
7ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/JDFOyo903E9WGstK0YhI2ZFOKR3h4qDxBngX5M8XJVBZFKzOBoxLmk3OVlgNw9SOE-HfkNgb=w32-rw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

a003fde7b0d85120664e37896f4f795fecf02289eeab274ab57b0e801db6242c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 05:20:44 GMT
x-content-type-options: nosniff
age: 6579
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 426
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 25 Sep 2021 13:18:14 GMT

GET
H3 200 BY7hGYTvVnySPFwslENSS4AFzh_t2wM893lVW6KgAZOmOLHfv6kmsnmaPjRdPBLmxlJv1Bx88p9NnDAzWe4s0arL_l91f45VyHqdMKNR1_EZn7IKTyeG9gaAfpIWzK1ACTntMp1_nxhxmyVgFJ9BAQwsSuQ0=w100-h100-rw-dcIQWGDb4F
lh3.googleusercontent.com/proxy/ 3 KB
3 KB 10ms
7ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/BY7hGYTvVnySPFwslENSS4AFzh_t2wM893lVW6KgAZOmOLHfv6kmsnmaPjRdPBLmxlJv1Bx88p9NnDAzWe4s0arL_l91f45VyHqdMKNR1_EZn7IKTyeG9gaAfpIWzK1ACTntMp1_nxhxmyVgFJ9BAQwsSuQ0=w100-h100-rw-dcIQWGDb4F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

fa2d06fc3f2e62f1662f077cc20873a8bd4b3cf9d07cf9d0b901ae012dd6173c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 05:23:14 GMT
x-content-type-options: nosniff
server: fife
age: 6429
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2826
x-xss-protection: 0
expires: Sat, 16 Oct 2021 05:23:14 GMT

GET
H3 200 Eoa66bkFSs0OWb3xJOGWrKC9sM7ZYU5-yYew70QBfAPdB0R010G374wgCKO-v07AL5kjiV6S2zWLo-wzucouxIRZAAeiIPIDn0c9t4ZcAfk-2qw7rsnpuJlvNwiuKQb-QowQ8_VlOnZ5KAqa0u37AExcDzRxk2L2RUx_B3dLbhjIScRvhCjjUKWjOpoQtaR_iHpP1...
lh3.googleusercontent.com/proxy/ 3 KB
3 KB 12ms
8ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

7a3d71427a43c9eb6f1e030f9206c17382143ccaf96db1d7fc2094e09b538f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 05:31:01 GMT
x-content-type-options: nosniff
server: fife
age: 5962
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3104
x-xss-protection: 0
expires: Sat, 16 Oct 2021 05:31:01 GMT

GET
H3 200 dhF3JedfoqwMCADdfrisbrMlHQhfs3ds_NnzJwKv2I46tA4GWorVOb9xQS34Qw6yHGI7punDCKpOuk-YRFMbKgGFqJMQYbULoYV8bebbpUqL-qhDtnun8fM5vDMX1gNZr6zT6ZjA4sjoqfJHrKkqpJK0-PcqxoCWb6PtkhcI-FWeSbau3ZNTcNXYRSkYkiAAVwg=w...
lh3.googleusercontent.com/proxy/ 3 KB
3 KB 11ms
7ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/dhF3JedfoqwMCADdfrisbrMlHQhfs3ds_NnzJwKv2I46tA4GWorVOb9xQS34Qw6yHGI7punDCKpOuk-YRFMbKgGFqJMQYbULoYV8bebbpUqL-qhDtnun8fM5vDMX1gNZr6zT6ZjA4sjoqfJHrKkqpJK0-PcqxoCWb6PtkhcI-FWeSbau3ZNTcNXYRSkYkiAAVwg=w100-h100-rw-dcpTKUDB0J

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

6ab2176a572c95ea8c52d121582146a0d03ea456718149e617d4bb14dbda8609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 04:02:19 GMT
x-content-type-options: nosniff
server: fife
age: 11284
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3410
x-xss-protection: 0
expires: Sat, 16 Oct 2021 04:02:19 GMT

GET
H3 200 KEEHHx1GeukrpMHB52m-S6fWfpW45R1231Yt_VJ8d6VMmDAAOiZBDADKahaRAHqjjiRCKsD3Px_FYxIwkZ2FUJixTjt49YeexcMG-otLQKYRF3O8t2SeNn1MTGalyihpMgWdabU0FRqXLEsHJsyXbsIsILy9EOvkuL7ilNo6e3jF7Q=w100-h100-rw-dckWCAmCgJ
lh3.googleusercontent.com/proxy/ 5 KB
5 KB 13ms
9ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/KEEHHx1GeukrpMHB52m-S6fWfpW45R1231Yt_VJ8d6VMmDAAOiZBDADKahaRAHqjjiRCKsD3Px_FYxIwkZ2FUJixTjt49YeexcMG-otLQKYRF3O8t2SeNn1MTGalyihpMgWdabU0FRqXLEsHJsyXbsIsILy9EOvkuL7ilNo6e3jF7Q=w100-h100-rw-dckWCAmCgJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

5f574f43e71be9d28de57a1996d1b9239d932bcf165a1762df06a4381ba1676c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 06:03:52 GMT
x-content-type-options: nosniff
server: fife
age: 3991
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4798
x-xss-protection: 0
expires: Sat, 16 Oct 2021 06:03:52 GMT

GET
H3 200 OMIZNhvNEnLvp-888k6k8FDTWOStHQv6sACCYeoJOu4Zo3TEzFoANpq48ynlcRJHSBFmodRQaCjHmIZ8VeVtlSp5ASljsifSK2SsYfkCJdOx4Fb8pXrk5g-oPI_lvN0-u4AGPPlitnF0Dvtor8GkySSGgSMw4n7NGHMweSX5Ugwrr43_8ENfdKXrquMXzncwhTZdc...
lh3.googleusercontent.com/proxy/ 3 KB
3 KB 13ms
9ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/OMIZNhvNEnLvp-888k6k8FDTWOStHQv6sACCYeoJOu4Zo3TEzFoANpq48ynlcRJHSBFmodRQaCjHmIZ8VeVtlSp5ASljsifSK2SsYfkCJdOx4Fb8pXrk5g-oPI_lvN0-u4AGPPlitnF0Dvtor8GkySSGgSMw4n7NGHMweSX5Ugwrr43_8ENfdKXrquMXzncwhTZdcEdcp98FUfFaCU-gXkfujwWBuuyQnQQX9W68whIyRxEr9C53PmVmtwTmJ0wfzmTEBg2uE_U3e3iM_Dc=w100-h100-rw-dcnWSMKqoH

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

4c4d59f18995d227af2b7c46cb405c12f2961dfa4bf93b1211c0b00a9c430a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 06:34:53 GMT
x-content-type-options: nosniff
server: fife
age: 2130
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2588
x-xss-protection: 0
expires: Sat, 16 Oct 2021 06:34:53 GMT

GET
H3 200 VxoPHM6-Cd-ffdpRhyQsmGGO4eLKzHM63si2WZd7QNcCVoqmGDYph_et9I0IIjbF0qaINnTk-iAc2XLSeKI-8DWFzJLZKKs52AepCkJZR98rTLKVO7uvhAynD2_h0jb-S2QP3gd3tm5KYGOrVVZhLJF8e31-mqDTmgImPUo0xhFD6sF4tGvQS1Pfq5w=w100-h100...
lh3.googleusercontent.com/proxy/ 3 KB
3 KB 10ms
9ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

41574cd9b464c157d301d4ee987c1c13a7d69cedc984aec0c3c4b169e3c005af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 06:01:10 GMT
x-content-type-options: nosniff
server: fife
age: 4153
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3042
x-xss-protection: 0
expires: Sat, 16 Oct 2021 06:01:10 GMT

GET
H3 200 z0CMgedJerstx9LEK-P7cEdR_CV0IH8b3VAnZ03iKFalGNQi6UqRJl2z3r70mzbRFYf9XeINZqBEIUh8o16C8wOvb-kxGDIKTwo9GNizRTvnhHeCeIfW3zYVa9nVNR9u=w100-h100-rw-dcDTGWppwJ
lh3.googleusercontent.com/proxy/ 3 KB
4 KB 11ms
9ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/z0CMgedJerstx9LEK-P7cEdR_CV0IH8b3VAnZ03iKFalGNQi6UqRJl2z3r70mzbRFYf9XeINZqBEIUh8o16C8wOvb-kxGDIKTwo9GNizRTvnhHeCeIfW3zYVa9nVNR9u=w100-h100-rw-dcDTGWppwJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

206f1f0104c10a76fab01cf233023ed16b414676dda309392a18adcc0749cc6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 04:37:00 GMT
x-content-type-options: nosniff
server: fife
age: 9203
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3562
x-xss-protection: 0
expires: Sat, 16 Oct 2021 04:37:00 GMT

GET
H3 200 E81oLciyZ69huv0HDNt29nLqArrDf3uOgtm09p33lqcTn2RhxFlE5HQ_rdRmeIyqNhp75ZAoc4NQc4iAPGqAGiN9FyfH2uCJmcm9tkwNhgEwCyDJePbA3Xrymju8fjc35qE7MgZX1dSvpREs4i4J8mM3_1O9r65OJ2biommGMEj4Wg=w100-h100-rw-dcgSCWghj...
lh3.googleusercontent.com/proxy/ 5 KB
5 KB 11ms
9ms Image
image/webp 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/E81oLciyZ69huv0HDNt29nLqArrDf3uOgtm09p33lqcTn2RhxFlE5HQ_rdRmeIyqNhp75ZAoc4NQc4iAPGqAGiN9FyfH2uCJmcm9tkwNhgEwCyDJePbA3Xrymju8fjc35qE7MgZX1dSvpREs4i4J8mM3_1O9r65OJ2biommGMEj4Wg=w100-h100-rw-dcgSCWghjqJUQD

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

d4a23c0d5b61b574a12f748e1534a92930149b863f1adfb145621eaefe77add7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 05:22:43 GMT
x-content-type-options: nosniff
server: fife
age: 6460
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5322
x-xss-protection: 0
expires: Sat, 16 Oct 2021 05:22:43 GMT

OPTIONS
H3 200 log
play.google.com/ 0
0 14ms
14ms Preflight
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 15 Oct 2021 07:10:23 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 log Show response
play.google.com/ 131 B
152 B 89ms
60ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 15 Oct 2021 07:10:23 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

POST
H3 200 browserinfo Show response
news.google.com/_/DotsSplashUi/ 91 B
133 B 44ms
44ms XHR
application/json 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/DotsSplashUi/browserinfo?f.sid=-3130877269291430088&bl=boq_dotssplashserver_20211012.13_p0&hl=de&gl=DE&soc-app=140&soc-platform=1&soc-device=1&_reqid=125823&rt=j

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

ESF /

Resource Hash

a94cb1a3ddd72984e6f889cb84052ba3dde09067ba0c6772c35012ee22eae89c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
x-same-domain: 1
origin: https://news.google.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: NID=511=RSR9kfTf_yQHONzV57yyf-MqDc4XM9XGQfEXRmTQsWvdLmZIuVvpSi3uIyHeTZLoSzQ2Mvv13e0mnjN_tliMuGlpTg3TiYtH83JLbXWK2q3IUwIUZFSixmRddMMQFblBeVN1PDiWnkiuYhdo0R0SanVyiL0DZVGEV8-pBGgdP58; GN_PREF=W251bGwsIkNBSVNEQWpkMHFTTEJoRGdpOFgzQWciXQ__; _ga=GA1.3.1802909143.1634281823; _gid=GA1.3.1279611285.1634281823; _gat_UA1155451512=1; OTZ=6199630_56_56__56_
content-length: 132
:path: /_/DotsSplashUi/browserinfo?f.sid=-3130877269291430088&bl=boq_dotssplashserver_20211012.13_p0&hl=de&gl=DE&soc-app=140&soc-platform=1&soc-device=1&_reqid=125823&rt=j
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded;charset=UTF-8
accept: */*
cache-control: no-cache
:authority: news.google.com
referer: https://news.google.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
X-Same-Domain: 1
Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 15 Oct 2021 07:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 02:21:33	Name: NID Value: 511=RSR9kfTf_yQHONzV57yyf-MqDc4XM9XGQfEXRmTQsWvdLmZIuVvpSi3uIyHeTZLoSzQ2Mvv13e0mnjN_tliMuGlpTg3TiYtH83JLbXWK2q3IUwIUZFSixmRddMMQFblBeVN1PDiWnkiuYhdo0R0SanVyiL0DZVGEV8-pBGgdP58
news.google.com/	1970-01-20 02:20:49	Name: GN_PREF Value: W251bGwsIkNBSVNEQWpkMHFTTEJoRGdpOFgzQWciXQ__
.news.google.com/	1970-01-20 15:29:13	Name: _ga Value: GA1.3.1802909143.1634281823
.news.google.com/	1970-01-19 21:59:28	Name: _gid Value: GA1.3.1279611285.1634281823
.news.google.com/	1970-01-19 21:58:01	Name: _gat_UA1155451512 Value: 1
news.google.com/	1970-01-19 22:41:13	Name: OTZ Value: 6199630_56_56__56_

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
bd7f1ccc.d26218.cn
fonts.gstatic.com
lh3.googleusercontent.com
news.google.com
play.google.com
ssl.gstatic.com
stats.g.doubleclick.net
www.google-analytics.com
www.gstatic.com
104.21.57.75
142.250.184.238
142.250.185.195
142.250.185.238
142.250.185.97
172.217.18.110
172.217.18.99
172.253.120.157
07367e12cfb6e047f1aedca46c873dd35cf4dbf2153abc6f2e5520cd7d58e4ef
1540692f1d2608c1ed7dc523ce638eac9cfb25618aefcd011db034665acc1b59
17de91306fef5c8273bab068dae37d697fcd9f0b741b125e331f1684599ff232
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
206f1f0104c10a76fab01cf233023ed16b414676dda309392a18adcc0749cc6e
20dfe1ecf39f8bf59e5388e5de161493a943e53bfa3805f050f5dbf389cd1fff
22904c61ee813e8259530031378a199b4a6b174e9e495dee516b31a958a3207d
2ad0b32f360e1d030aa6c709d003758cf5336b7ef8dfc07dbee9397de4e4a22f
2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0
3921b650819f76cdd0c19c6cf1a36a8d995831373e8bfc8faa9db553cb633470
3bcc7c9abbeb7376e294863204e07258e5e2af2c403f2e5a8a37b0b4c81ae960
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41574cd9b464c157d301d4ee987c1c13a7d69cedc984aec0c3c4b169e3c005af
4264c89a857674e632e7fa7647f3904b6b90eda5ba53bac9dcf9db10a40ef8d4
4c4d59f18995d227af2b7c46cb405c12f2961dfa4bf93b1211c0b00a9c430a4f
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
506ac8f1116da2a136f8d8a48a383339af3bedd7f16c0c90cd0a2f0b0cbd526c
52975e4ddcdf7b4c909aec9ab482e068706261e071c26ce60c8823d8ace77738
530489d5ae5759b761429ca640dea82d42195a5430df7fc51ccbf806ecf95c58
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ba76e08c8810ee6154d0a57d9588043df22eb03dfafd8c258042c1dc349e56a
5cefc541d01931650ab86c1ec1e5736ef26bd20ffc204da5db7ae770b817d748
5f24b386022c45f994e0f398061ca31c865755eb1f5611e281bdb9ed01025d63
5f574f43e71be9d28de57a1996d1b9239d932bcf165a1762df06a4381ba1676c
5f6c6c88f646afcae961eeba23c721d488fa1c3cc1596f6bdcc9d216d523ad0c
673ae8017da4045e2d00ec184c35a4da33811e2563b036ebeffb774c687e95b4
673da956cf35b3de4907f0f274ddacc80fdf498297b82d288081857858e6e445
6ab2176a572c95ea8c52d121582146a0d03ea456718149e617d4bb14dbda8609
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
6c64e26b2aa5d0470f969d97cbf82d9c26d00f2ab58316fa5bb1dd759a9872b2
7a3d71427a43c9eb6f1e030f9206c17382143ccaf96db1d7fc2094e09b538f69
80a5788d64c5224c555f9e4180fc11cc282a7194ddf47df34160e30042716872
823ca38906d6e0578eba50dda1509e93701b55fba4c746e05180571427a5c493
885e2be527e74dd8cbc26f3832b6b96618a7cd25ff7560d26fb8607bfec95dc7
8a15c4f725bbaee1e2f802b4a98fdbe7bb194b4eaa2e483e10202b71038aecda
8eaec744ab8c2ed5aa9dd20c8b7f2460309aafdda3c2e925171d3408332cf570
8fb91289ac6cbc0b87f7a07c20eb302e3740cab20c7d218af9f3f40b6d953c9f
92fb8490854f76158950d1b373fe6345d6a132677c2d71fad61a10737526165d
9468dace0d0f0c302ea15d7adac73dd5442c87d5679f1bd7c7997a66625006b4
99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52
a003fde7b0d85120664e37896f4f795fecf02289eeab274ab57b0e801db6242c
a5fa5e00257df5e71ac464446b02c3904507e173448b29b84f602ab1c46b377c
a92a85a688127572f3fec3cb094764a05a9148e93f92dbc0865c190cb99745cd
a94cb1a3ddd72984e6f889cb84052ba3dde09067ba0c6772c35012ee22eae89c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef37d7d73e1b534598eed07da5b3e47446300e934498002afa8ef90d529410e
b5eb8ab8c1f64c05cb870eda8f2f64b5a9f111cba8cde29f6566f011d434611b
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
c79684f71f9109707e2c2670d91c326ba8b6386a299182ad68cd4a6c86b64256
cb168f15c5bdb0dde8ea6032e9ce135d85b080c8ae8f91ec0ca095243a6c086b
d4a23c0d5b61b574a12f748e1534a92930149b863f1adfb145621eaefe77add7
dcd335c0cce47db4db073b2ef8dc11d4dd6d8a5e5e7c657e0536633302992e60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea19cdb3eabfc4a81934c011c14102c3857b3ae3ed27f20156720f708870fb0e
f3f33d597f5f05c8363d19b277ec2a87ad4353e75240246ecdc474ae13a655b4
fa2d06fc3f2e62f1662f077cc20873a8bd4b3cf9d07cf9d0b901ae012dd6173c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

news.google.com Open in urlscan Pro 172.217.18.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

99 %HTTPS

0 %IPv6

6 Domains

10 Subdomains

8 IPs

2 Countries

1180 kBTransfer

3602 kBSize

6 Cookies

9 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

news.google.com Open in urlscan Pro
172.217.18.110 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

99 %
HTTPS

0 %
IPv6

6
Domains

10
Subdomains

8
IPs

2
Countries

1180 kB
Transfer

3602 kB
Size

6
Cookies

71 HTTP transactions
0 data transactions