Submitted URL: https://storage.googleapis.com/issosales/hrefly.html#?Z289MSZzMT0xMTQ1MDI2JnMyPTQyMzI0NzA5JnMzPVVT
Effective URL: https://all-news.co/
Submission: On June 25 via api from BE

Summary

This website contacted 35 IPs in 6 countries across 29 domains to perform 276 HTTP transactions. The main IP is 2606:4700:3032::ac43:8293, located in United States and belongs to CLOUDFLARENET, US. The main domain is all-news.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 2nd 2020. Valid for: a year.
This is the only time all-news.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 1 134.119.194.231 29066 (VELIANET-...)
1 58 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.190.90.202 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 29 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.230 15169 (GOOGLE)
3 2600:1901:0:7... 15169 (GOOGLE)
39 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 2620:116:800d... 16509 (AMAZON-02)
4 4 18.195.172.136 16509 (AMAZON-02)
6 6 35.186.253.211 15169 (GOOGLE)
5 6 185.64.189.115 62713 (AS-PUBMATIC)
3 3 69.173.144.139 26667 (RUBICONPR...)
2 2a05:d01c:1d8... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 4 35.244.174.68 15169 (GOOGLE)
4 4 23.45.99.241 16625 (AKAMAI-AS)
2 34.98.67.61 15169 (GOOGLE)
1 1 52.18.11.109 16509 (AMAZON-02)
1 1 79.137.68.187 16276 (OVH)
6 104.111.239.217 16625 (AKAMAI-AS)
9 46.236.13.147 24931 (DEDIPOWER)
3 13.225.87.68 16509 (AMAZON-02)
3 81.29.72.47 24931 (DEDIPOWER)
6 52.213.6.221 16509 (AMAZON-02)
3 65.9.77.116 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
276 35
Apex Domain
Subdomains
Transfer
58 all-news.co
all-news.co
1 MB
43 doubleclick.net
googleads.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
105 KB
40 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
305 KB
39 ad4m.at
ad4m.at
as.ad4m.at
assets.ad4m.at
2 MB
17 gstatic.com
fonts.gstatic.com
www.gstatic.com
246 KB
12 webgains.io
analytics.webgains.io
api.webgains.io
analytics-wg.webgains.io
315 KB
12 webgains.com
track.webgains.com
diapi.webgains.com
296 KB
7 googletagservices.com
www.googletagservices.com
254 KB
6 m-t.io
w-it.m-t.io
669 B
6 awin1.com
www.awin1.com
4 KB
6 pubmatic.com
image6.pubmatic.com
2 KB
6 openx.net
rtb.openx.net
2 KB
6 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
13 KB
6 google.com
adservice.google.com
www.google.com
970 B
5 googleapis.com
storage.googleapis.com
fonts.googleapis.com
4 KB
4 addthis.com
e.dlx.addthis.com
3 KB
4 rlcdn.com
id.rlcdn.com
1 KB
4 agkn.com
d.agkn.com
3 KB
4 quantserve.com
cms.quantserve.com
2 KB
3 rubiconproject.com
pixel.rubiconproject.com
1 KB
2 mookie1.com
odr.mookie1.com
430 B
2 innovid.com
ag.innovid.com
591 B
2 google.de
adservice.google.de
975 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 steadfastsystem.com
steadfastsystem.com
31 KB
1 gemius.pl
googlecm.hit.gemius.pl
340 B
1 everesttech.net
pixel.everesttech.net
375 B
1 googleadservices.com
partner.googleadservices.com
656 B
1 onesignal.com
cdn.onesignal.com
3 KB
276 29
Domain Requested by
58 all-news.co 1 redirects storage.googleapis.com
all-news.co
28 cm.g.doubleclick.net 2 redirects googleads.g.doubleclick.net
all-news.co
25 tpc.googlesyndication.com googleads.g.doubleclick.net
steadfastsystem.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
18 assets.ad4m.at as.ad4m.at
15 ad4m.at googleads.g.doubleclick.net
ad4m.at
15 pagead2.googlesyndication.com all-news.co
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
storage.googleapis.com
14 fonts.gstatic.com fonts.googleapis.com
9 track.webgains.com as.ad4m.at
analytics.webgains.io
track.webgains.com
7 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 w-it.m-t.io analytics-wg.webgains.io
6 api.webgains.io analytics.webgains.io
6 www.awin1.com as.ad4m.at
6 as.ad4m.at ad4m.at
as.ad4m.at
6 image6.pubmatic.com 5 redirects googleads.g.doubleclick.net
6 rtb.openx.net 6 redirects
4 e.dlx.addthis.com 4 redirects
4 id.rlcdn.com 2 redirects googleads.g.doubleclick.net
4 d.agkn.com 4 redirects
4 cms.quantserve.com 2 redirects googleads.g.doubleclick.net
4 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
4 fonts.googleapis.com all-news.co
googleads.g.doubleclick.net
3 analytics-wg.webgains.io analytics.webgains.io
3 diapi.webgains.com track.webgains.com
3 analytics.webgains.io track.webgains.com
3 static-de.ad4mat.net ad4m.at
3 pixel.rubiconproject.com 3 redirects
3 prod-rtb.ad4mat.net storage.googleapis.com
3 www.gstatic.com googleads.g.doubleclick.net
2 odr.mookie1.com googleads.g.doubleclick.net
2 ag.innovid.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com all-news.co
www.google-analytics.com
2 steadfastsystem.com all-news.co
steadfastsystem.com
1 googlecm.hit.gemius.pl 1 redirects
1 pixel.everesttech.net 1 redirects
1 ad.doubleclick.net steadfastsystem.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.onesignal.com all-news.co
1 storage.googleapis.com
276 41

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1O1
2021-05-24 -
2021-08-16
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-12-02 -
2021-12-01
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-31 -
2021-08-23
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
steadfastsystem.com
R3
2021-06-16 -
2021-09-14
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.google.de
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.google.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.ad4mat.net
AlphaSSL CA - SHA256 - G2
2019-08-06 -
2021-09-08
2 years crt.sh
www.google.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2020-10-02 -
2021-10-07
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2020-12-07 -
2021-12-14
a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018
2020-02-07 -
2022-04-07
2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-22 -
2022-03-25
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA
2021-06-11 -
2022-06-16
a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-20 -
2022-06-20
a year crt.sh
*.webgains.io
Amazon
2021-03-12 -
2022-04-10
a year crt.sh
w-it.m-t.io
GTS CA 1D4
2021-06-07 -
2021-09-05
3 months crt.sh

This page contains 32 frames:

Primary Page: https://all-news.co/
Frame ID: 3484E26D07EF442CD8169593BA50261B
Requests: 85 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210623/r20190131/zrt_lookup.html
Frame ID: B9A5DA8BA939B23D5B151334F988E9C1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1624586536&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536187&bpp=6&bdt=1602&idt=212&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6215114917117&frm=20&pv=2&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=227
Frame ID: 9DBF684AE5C85F4A949E180BF1367B37
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
Frame ID: B3584A0DC08BF3362DD3B2A7502606BB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Frame ID: 3899D95E3AED9509205814988EBFDB9C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Frame ID: 6298D10FBE1783BF1D798226B97C5464
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Frame ID: 99CCDF9EA0F9A31F4717482EF9042F12
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Frame ID: 7AA20E33A4F41BAC5A77BC29574114EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Frame ID: 49AF1E5F64DD12A43B46E23DE133EFF5
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CiyBbKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEtgFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3uUhAUDqcLCiypHBmlCRDH9dO4AGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTg0MzkwMjQ4NzczMzEwNDk&sigh=El53MOa-k0k
Frame ID: A2B60E2F8624DA494F7780C22CDCA0E6
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1g5sxvahccwpm8q4e0abnt88t3x7jv29sehtfhvy0ctbgbmh4ehrj14ndd3z6hy8qasqfmfyxw1yk646mn54b67wqez0k1bqa9s41chk8cgqm957p69499672zqtkdk1t9xsznznt7k43jeh77mec7f2168cz89aych115et8pjnj8yjbf6wh641h44zwj0an0q8sqfzbw54je2qm7hcjfx2g432xj3wdvw432j49jynfbc1tec94md59fwb1jny75nrskdw3q9e9mgrdc30g1v5r9rvaamn0n2c5064kffztvs12k8npzpx28408trpm7kva46033qkg4gpz5z839t42wvwhcap28q6qwrz9es0hgqcwv8ffz9efrv3j&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%26client%3Dca-pub-8439024877331049%26adurl%3D
Frame ID: 85869AECDD3A6DB4A2907624E7DE57BB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5EE8F612E17F4BF970FDAAE617ADAE62
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 3D379E70B0995556982C38843B74C6BC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Frame ID: 507E669E126192DBF760A82A7F916D7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CciT5KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvAFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROWKj7VWJS0UQcUippO5ONXl9GIAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTg0MzkwMjQ4NzczMzEwNDk&sigh=CwITy_oWK24
Frame ID: 1E9D2365A2374EF35EC32677C7FFD894
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1j4deb8cdft3f850rys4f67z7dd3fr97emdq1k1rg77fsqf2yv6qj2gse2e1rdt4js1daz0k8kwp52gdxbp7babrkzn6jjy6n230tmb70e233kjdpnaa076yt13xh20gm0ce2rbm6ch9fgzrvfat1d2f3cb14vpkkgs9asbq2wtxfvjn2y8kmwqtkqq5vdzw622zvw2chyk42g6gz5wp1b9rgcdg9h4d27ba7mynmw11qgancp3xqvpk5mcmz28h0cm9ej7hdy51r5fxc1pa8j99a9rysrg7kecsdynard6g4gmk4ph21hv1gyqpxq7azdfb465g7462hh7meayb9jebgnsgfk638h5vzswdnr1rjwz4kxfn6ntkqqz28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%26client%3Dca-pub-8439024877331049%26adurl%3D
Frame ID: AE1DEB531FA2A6C41314A2B41B214340
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C225CF7D7AF4303D98CC8EDAC0ED77DE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6F2628BB900E7F0ED54463D30E6C216A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cpi49KDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS2AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQOIQ3EvPzVeZYJyCvdyhZedIIgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItODQzOTAyNDg3NzMzMTA0OQ&sigh=6UbMF9Vjzu8
Frame ID: C33FF348EE5D4126DB94B23C439EC61E
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1jqjdqm14zkkem7m07c084kvk3bphhzqy4qthmnfn5w8v1fedcya0308jzchceh0s82vs9h19fzkxbrkbkyvjr5wch34af0r98d1hjn466fxcjbccg278215gbkdc0td1wf368793n72vmt6f7ny8czdy0enpgfxt5b86dh4msecwcndrddf0vpc7kxk3m2w39kk104q957wxy8p0hey94yyeap1zy9zebchqpapv019b6d3djtcjf70zgj3c0vkhwnqje8e6wdztbxvf21zygtmv6tz7nb3ptfd72zf8nmwfkss4ne1v2x99b57cxnzctx08cgccervnwpv96jqnd9p23j06z44e8zfr0mckcybwb5h2fgr7a82a4yy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%26client%3Dca-pub-8439024877331049%26adurl%3D
Frame ID: 596E1D3C237C9DDF6DA27B2ED24961FD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8246082EA782008A43868A570FA1F97
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3EC0E9CF8612723CC80C08CC76564FBA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 21900394612E4769C9144406062D354D
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: DCC94F45654EE698F376ED21AF1F0F7B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Frame ID: 1EFAC330365152B9DC03D65F0B2CE951
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A6737994E90146F41D029D84B45F5B97
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Frame ID: 742465508462C91CD0DA77911B84231B
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Frame ID: C75B9DBDFB8518D1A1CF7897F47922EF
Requests: 19 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Frame ID: E0D10C6C3A5876D217CFDEA18E8742EB
Requests: 19 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Frame ID: 14069C4203B4524BCD12443298811FD1
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 60F7B2F0B7E7E0208C891CC5B1750C16
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B7A3BDDCA95E392D78C1299BFB3B27B3
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://storage.googleapis.com/issosales/hrefly.html Page URL
  2. http://134.119.194.231/??Z289MSZzMT0xMTQ1MDI2JnMyPTQyMzI0NzA5JnMzPVVT HTTP 302
    http://all-news.co/ HTTP 301
    https://all-news.co/ Page URL

Page Statistics

276
Requests

98 %
HTTPS

54 %
IPv6

29
Domains

41
Subdomains

35
IPs

6
Countries

4998 kB
Transfer

8196 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/issosales/hrefly.html Page URL
  2. http://134.119.194.231/??Z289MSZzMT0xMTQ1MDI2JnMyPTQyMzI0NzA5JnMzPVVT HTTP 302
    http://all-news.co/ HTTP 301
    https://all-news.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEHUAChaVt4ejHQlMqrZdUmE&google_cver=1&google_push=AYg5qPI8TVDCmXhUlaH2IPbZcpx803ZeFctdgjuAL7yVB22P5psOxW0ZKnrYhwUeoocihKUnrHO66kW5pPe4ZC5wHimL_tEa1omu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI8TVDCmXhUlaH2IPbZcpx803ZeFctdgjuAL7yVB22P5psOxW0ZKnrYhwUeoocihKUnrHO66kW5pPe4ZC5wHimL_tEa1omu&google_hm=Q0FFU0VIVUFDaGFWdDRlakhRbE1xclpkVW1F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI8TVDCmXhUlaH2IPbZcpx803ZeFctdgjuAL7yVB22P5psOxW0ZKnrYhwUeoocihKUnrHO66kW5pPe4ZC5wHimL_tEa1omu&google_hm=Q0FFU0VIVUFDaGFWdDRlakhRbE1xclpkVW1F&google_tc=
Request Chain 94
  • https://rtb.openx.net/sync/dds?google_gid=CAESECBbNjm3ARfXAd_BGNtW3Us&google_cver=1&google_push=AYg5qPJJZCPoKhFBJgoh454xDnBUY6Y3OyWQd1zLjwgdKzMX043E7l6p2jbi1QCH-bOZ891njJzkGND-aVp70eYJwtCs2S6mtyk HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESECBbNjm3ARfXAd_BGNtW3Us&google_cver=1&google_push=AYg5qPJJZCPoKhFBJgoh454xDnBUY6Y3OyWQd1zLjwgdKzMX043E7l6p2jbi1QCH-bOZ891njJzkGND-aVp70eYJwtCs2S6mtyk&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJJZCPoKhFBJgoh454xDnBUY6Y3OyWQd1zLjwgdKzMX043E7l6p2jbi1QCH-bOZ891njJzkGND-aVp70eYJwtCs2S6mtyk
Request Chain 95
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDReIPC8YzfVcuVrW9oBFGI&google_cver=1&google_push=AYg5qPIAnVtarQvvLY56m26ODDGvykkXJwThYXtH-JNSbqR2FAui5gbrpjlgGLxEA5l6CZLm2lbhqxBmIN-6g0qG2kmZHIn-kUbZ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDReIPC8YzfVcuVrW9oBFGI&google_cver=1&google_push=AYg5qPIAnVtarQvvLY56m26ODDGvykkXJwThYXtH-JNSbqR2FAui5gbrpjlgGLxEA5l6CZLm2lbhqxBmIN-6g0qG2kmZHIn-kUbZ&rdf=1
Request Chain 96
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE9yod3P_xdInSJFkoTU8dM&google_cver=1&google_push=AYg5qPJMPvYNU25XA9W4Qb3_z1nWeZ5uzYYQvPl7rsnHOnoX2FbkbXBBp-msDOqezBp5te6mNVg7v1dMGMtpRM8sll41QHqaVhs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZNVTItNi00UVVD&google_push=AYg5qPJMPvYNU25XA9W4Qb3_z1nWeZ5uzYYQvPl7rsnHOnoX2FbkbXBBp-msDOqezBp5te6mNVg7v1dMGMtpRM8sll41QHqaVhs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZNVTItNi00UVVD&google_push=AYg5qPJMPvYNU25XA9W4Qb3_z1nWeZ5uzYYQvPl7rsnHOnoX2FbkbXBBp-msDOqezBp5te6mNVg7v1dMGMtpRM8sll41QHqaVhs&google_tc=
Request Chain 97
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1
Request Chain 141
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKlBrW794cX36TcQ5WB0tac&google_cver=1&google_push=AYg5qPIY0w_p4Lplt58y3px6D_vPCjxJj0hxYXANuFFja1_cyTYrfPubKGtctKr3RHpXsvpyjhlZj4gtVoUan-V3Qg6Lhs150ww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIY0w_p4Lplt58y3px6D_vPCjxJj0hxYXANuFFja1_cyTYrfPubKGtctKr3RHpXsvpyjhlZj4gtVoUan-V3Qg6Lhs150ww&google_hm=Q0FFU0VLbEJyVzc5NGNYMzZUY1E1V0IwdGFj
Request Chain 142
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLPyVTfMHcVlwaB1t7Q7fWi9jBhnAdYnlG5xTbY4bVouvbCmr3LY7UkBXd2UgZMqxbu_SJnURhlgZP8PP8CToiMnUAEP6-g&google_gid=CAESEF5y9O558r7RSPPe8PpOCK8&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKny1IYGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMUHlWVGZNSGNWbHdhQjF0N1E3ZldpOWpCaG5BZFlubEc1eFRiWTRiVm91dmJDbXIzTFk3VWtCWGQyVWdaTXF4YnVfU0puVVJobGdaUDhQUDhDVG9pTW5VQUVQNi1n HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTUU3czJXQUJLeTdPZGRVTEN5WThBWDVaVFhnTHB2WnFTam5xTlhiQi1UOA==&google_push
Request Chain 143
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIMkcZGOeJTCs3g-4HBWu3lKNa4BJfCmssymwMqO8AY1ZzlaRWQkh4MNHi_J54FnEpJN4seHdJbVqELbYDB_JEYcOf0EW2D&google_gid=CAESENyUSxbU4uVCw1KnqIomj-k&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIMkcZGOeJTCs3g-4HBWu3lKNa4BJfCmssymwMqO8AY1ZzlaRWQkh4MNHi_J54FnEpJN4seHdJbVqELbYDB_JEYcOf0EW2D&google_gid=CAESENyUSxbU4uVCw1KnqIomj-k&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MjUwMjAyMTc4MjkyOTUwODQyODYwMg%3D%3D&google_push=AYg5qPIMkcZGOeJTCs3g-4HBWu3lKNa4BJfCmssymwMqO8AY1ZzlaRWQkh4MNHi_J54FnEpJN4seHdJbVqELbYDB_JEYcOf0EW2D
Request Chain 144
  • https://rtb.openx.net/sync/dds?google_gid=CAESEO7QViUTA8JH93AUWW51GHI&google_cver=1&google_push=AYg5qPIsVdItkaP2lBxigXZnOo4WgWaR5K36GKfX5Fc5myeDzgXUTIAqTf46OlXBmqmjbtmcUT0myyH29a2VLCx1wz5x3MqnsARb HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEO7QViUTA8JH93AUWW51GHI&google_cver=1&google_push=AYg5qPIsVdItkaP2lBxigXZnOo4WgWaR5K36GKfX5Fc5myeDzgXUTIAqTf46OlXBmqmjbtmcUT0myyH29a2VLCx1wz5x3MqnsARb&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIsVdItkaP2lBxigXZnOo4WgWaR5K36GKfX5Fc5myeDzgXUTIAqTf46OlXBmqmjbtmcUT0myyH29a2VLCx1wz5x3MqnsARb&google_hm=Kiwzpt_YzgQ0DC_2CvBG-g==
Request Chain 145
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1
Request Chain 153
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPTIh9SBaLE3sAX7GW9FM-w&google_cver=1&google_push=AYg5qPJfkmZfLgnOSGoSN3MsS6mY79nWtcu6D6Fo_xHmlQ9W2wBOQTheBKZdLmZlYP2d4Hj8lX2Wi2BPwkJ44lTSZj3HB2Mc_QbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJfkmZfLgnOSGoSN3MsS6mY79nWtcu6D6Fo_xHmlQ9W2wBOQTheBKZdLmZlYP2d4Hj8lX2Wi2BPwkJ44lTSZj3HB2Mc_QbI&google_hm=unTJ1mSYa0RNMrOdtZTSQQ
Request Chain 154
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENEmX_StsJ9-vZj3mUqASBw&google_cver=1&google_push=AYg5qPJogVwaPTlvMJhzwM3iHRR0VIJIQfk6xFkISHiUq39X-NiaXQ5uPmJu8RUcbH2Z7P3rVPGyPiXFCJ9wLcVDrNXjv7nLlTQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJogVwaPTlvMJhzwM3iHRR0VIJIQfk6xFkISHiUq39X-NiaXQ5uPmJu8RUcbH2Z7P3rVPGyPiXFCJ9wLcVDrNXjv7nLlTQ&google_hm=Q0FFU0VORW1YX1N0c0o5LXZaajNtVXFBU0J3
Request Chain 156
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJax2u64U7tT_HOgQirePhQ&google_cver=1&google_push=AYg5qPLBaxg88X826f84SaMbG0f5i1qNlxwYulJZwl4IYcBvf8HsUYm8HDdlxZzXb9kKDJKTQ27OwqZvplZjrwz1SHvRWVJ_QaeY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLBaxg88X826f84SaMbG0f5i1qNlxwYulJZwl4IYcBvf8HsUYm8HDdlxZzXb9kKDJKTQ27OwqZvplZjrwz1SHvRWVJ_QaeY&google_hm=Kiwzpt_YzgQ0DC_2CvBG-g==
Request Chain 157
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGNbd4ppVjDS_mR-K9AsjPU&google_cver=1&google_push=AYg5qPK_oR-XQT3fEPECa__Yc8d0fn3lTcOE2gAvkp9FNlPTkR1J0RhNmqJcZZz_9AOtJzY1WAI7-bunjGoMokEMAbhMbWoMKUzk HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGNbd4ppVjDS_mR-K9AsjPU&google_cver=1&google_push=AYg5qPK_oR-XQT3fEPECa__Yc8d0fn3lTcOE2gAvkp9FNlPTkR1J0RhNmqJcZZz_9AOtJzY1WAI7-bunjGoMokEMAbhMbWoMKUzk&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4FqU4oRDT6SPtNrGJ56Wrw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK_oR-XQT3fEPECa__Yc8d0fn3lTcOE2gAvkp9FNlPTkR1J0RhNmqJcZZz_9AOtJzY1WAI7-bunjGoMokEMAbhMbWoMKUzk
Request Chain 158
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECnaQokrojocyCDlHxt8awI&google_cver=1&google_push=AYg5qPIy2Dqdm66GoP99zQuiNuJlvdzp8WCEQXqp0MC-vhaofNerjfXCjaKzri07riRoAIJz9r9E3qcq4uKUESgQChv7xitK9Qed HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZOM0otRS0xWldR&google_push=AYg5qPIy2Dqdm66GoP99zQuiNuJlvdzp8WCEQXqp0MC-vhaofNerjfXCjaKzri07riRoAIJz9r9E3qcq4uKUESgQChv7xitK9Qed
Request Chain 159
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1
Request Chain 166
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGjCXocjV7y_5deyWwpqS_k&google_cver=1&google_push=AYg5qPKDrj1BqFHoGaXIWrSrvOUn-Xmc-EzqcDNCk9qCndDUwXAROuggDkuVUbM6AluaOnjOAKmbvfmDy_f7oKOc9ujuMAE1pn7z HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKDrj1BqFHoGaXIWrSrvOUn-Xmc-EzqcDNCk9qCndDUwXAROuggDkuVUbM6AluaOnjOAKmbvfmDy_f7oKOc9ujuMAE1pn7z&google_hm=unTJ1mSYa0RNMrOdtZTSQQ
Request Chain 168
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLSA4DU8SCbybvQ_Kfm0Sd-yP9drlN0ZgbKt2N83lCNOTBNmRv4aaCcrYhT6zjUgkAFLenYWsxorrH_7B6MyLbppC8gs7EldQ&google_gid=CAESELGrautQRi-j6OOiFar-dXU&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLSA4DU8SCbybvQ_Kfm0Sd-yP9drlN0ZgbKt2N83lCNOTBNmRv4aaCcrYhT6zjUgkAFLenYWsxorrH_7B6MyLbppC8gs7EldQ&google_gid=CAESELGrautQRi-j6OOiFar-dXU&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MjUwMjAyMTc4MjkyOTUwODQyODYwMg%3D%3D&google_push=AYg5qPLSA4DU8SCbybvQ_Kfm0Sd-yP9drlN0ZgbKt2N83lCNOTBNmRv4aaCcrYhT6zjUgkAFLenYWsxorrH_7B6MyLbppC8gs7EldQ
Request Chain 170
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDb8EVPgyly5iWnNG5v1sBE&google_cver=1&google_push=AYg5qPI1RYNh2Glbpw4CO7LyXVzIN0CTVlxm6QFn63YgOyZ-wXT5rXtxnIw1Jix5KdZhZ8di3RDy-UJshh4hsfv3-MVD8e4Alq5UBQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI1RYNh2Glbpw4CO7LyXVzIN0CTVlxm6QFn63YgOyZ-wXT5rXtxnIw1Jix5KdZhZ8di3RDy-UJshh4hsfv3-MVD8e4Alq5UBQ&google_hm=Kiwzpt_YzgQ0DC_2CvBG-g==
Request Chain 171
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEB5eCmM_FmeXgdRpmGheqi4&google_cver=1&google_push=AYg5qPKOF3wh240mWFFhcJ8yIBkSr4Nzb1aIIVi7_hMDEaNyuFY-ZrYqIMnHbh_zhDep8xX1o3C981KsKXWgGll3GCZfT4iB6sP9zA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xJ3Wgj-xQkaHLYA0n1ax5A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKOF3wh240mWFFhcJ8yIBkSr4Nzb1aIIVi7_hMDEaNyuFY-ZrYqIMnHbh_zhDep8xX1o3C981KsKXWgGll3GCZfT4iB6sP9zA
Request Chain 172
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_cver=1&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA
Request Chain 176
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJ7_q3FyW2aMu_eNeaMeBMdHUSAXdheePcFDDduMdRc7qe9zq0sRmvx4CA0EZra9G6sFzLaOgTSaQyCtJSTAyCtCDouPVQ&google_gid=CAESEFJwxhBgKkEwmyAqubTkWk4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5VNUtRQUFBSjFwTmstQQ&google_push=AYg5qPJ7_q3FyW2aMu_eNeaMeBMdHUSAXdheePcFDDduMdRc7qe9zq0sRmvx4CA0EZra9G6sFzLaOgTSaQyCtJSTAyCtCDouPVQ
Request Chain 177
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEMexd5MCgR5rDdFAdTopwlI&google_cver=1&google_push=AYg5qPJjh0ZA4L1AnbSu83n05LbYt2US2ZnY3Ng8fsTGV7Ypx9AoAKTfRIJB2a8e-GsYY2FZHsLrUqhnSO82Fj0-5sj0ctxZpHr6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJjh0ZA4L1AnbSu83n05LbYt2US2ZnY3Ng8fsTGV7Ypx9AoAKTfRIJB2a8e-GsYY2FZHsLrUqhnSO82Fj0-5sj0ctxZpHr6&google_hm=Q0FFU0VNZXhkNU1DZ1I1ckRkRkFkVG9wd2xJ
Request Chain 179
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN_MPzDPT7B95Mrbvf8tsZA&google_cver=1&google_push=AYg5qPLCboDZapssgetfrCplqTKbGvbYwP1bX_NtIoSy_C-7fOAmGMn1KzA-PaUeHzVv9EYKjaeRwgw0qRqN-wbK7rvJLi6ajV8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4FqU4oRDT6SPtNrGJ56Wrw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLCboDZapssgetfrCplqTKbGvbYwP1bX_NtIoSy_C-7fOAmGMn1KzA-PaUeHzVv9EYKjaeRwgw0qRqN-wbK7rvJLi6ajV8
Request Chain 180
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJclXSYyrde-HGwSE3_8H_Q&google_cver=1&google_push=AYg5qPIuinfOoTmXFwP3FcDWlmzqzRZLJOHRVLx7I15NyOTCC9R7R0n8GoeZ6K4pqPA5pxKHOwwCvrlxazNc33IaUNVV6fScoE55 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZONzYtWi03V0w5&google_push=AYg5qPIuinfOoTmXFwP3FcDWlmzqzRZLJOHRVLx7I15NyOTCC9R7R0n8GoeZ6K4pqPA5pxKHOwwCvrlxazNc33IaUNVV6fScoE55
Request Chain 181
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0&google_cver=1&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0
Request Chain 182
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ37dw6HNUHo3_eXatrcoII&google_cver=1&google_push=AYg5qPIg4YSSJkhFgwLvfRimSZ7Nt5jWyd4FzfNuVhUfnjxUrC80EZTpEWwFkHok82W-9Mh4u2-XUPPSUXhI8-0R9WCSBVnC3ZZVxQ HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIg4YSSJkhFgwLvfRimSZ7Nt5jWyd4FzfNuVhUfnjxUrC80EZTpEWwFkHok82W-9Mh4u2-XUPPSUXhI8-0R9WCSBVnC3ZZVxQ&google_hm=

276 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
hrefly.html
storage.googleapis.com/issosales/
246 B
521 B
Document
General
Full URL
https://storage.googleapis.com/issosales/hrefly.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6b20a6a07ab8b2f3e215ec0d2dd9c2da50dd3d9bf8d4595912d2a6ff9bd88593

Request headers

:method
GET
:authority
storage.googleapis.com
:scheme
https
:path
/issosales/hrefly.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-guploader-uploadid
ABg5-UzfkXG6F59IHL1TGkHg7iPOTm9R5xTEcAX8w7q6gDVSbW7JIqz7ds1DkipNqCW8qS_Y2EiY642MTcuvjKApb3k
expires
Fri, 25 Jun 2021 02:30:35 GMT
date
Fri, 25 Jun 2021 01:30:35 GMT
last-modified
Thu, 08 Apr 2021 01:12:38 GMT
etag
"f169dbc20fe4adfca3fc4f5e1444afc9"
x-goog-generation
1617844358683653
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
246
content-type
text/html
x-goog-hash
crc32c=U1B9Pw== md5=8Wnbwg/krfyj/E9eFESvyQ==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
246
server
UploadServer
age
1898
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Primary Request /
all-news.co/
Redirect Chain
  • http://134.119.194.231/??Z289MSZzMT0xMTQ1MDI2JnMyPTQyMzI0NzA5JnMzPVVT
  • http://all-news.co/
  • https://all-news.co/
572 KB
54 KB
Document
General
Full URL
https://all-news.co/
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/issosales/hrefly.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
b120b3a3189b7a9e64c28d88190480f819089049229db7714693dc3e06926d29

Request headers

:method
GET
:authority
all-news.co
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://storage.googleapis.com/issosales/hrefly.html#?Z289MSZzMT0xMTQ1MDI2JnMyPTQyMzI0NzA5JnMzPVVT

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.25
cf-edge-cache
cache,platform=wordpress
link
<https://all-news.co/wp-json/>; rel="https://api.w.org/" <https://all-news.co/wp-json/wp/v2/pages/1027>; rel="alternate"; type="application/json" <https://all-news.co/>; rel=shortlink
cf-cache-status
DYNAMIC
cf-request-id
0ae280527a00004ab6259c3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5zuI8wA1yDS9hfXWLevSOUqTZnlmwDFeYj8h7GLafLutYtdUmuK%2Fs%2BGEdI0CUBzlPsspLBLNm2NErcNyJzxSFBtQk0R%2F8fkbTEuTqyTFsJdPcpaKIx4B0isE0Y%2F4LLV2GmUQVl4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
664a9cca58734ab6-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date
Fri, 25 Jun 2021 02:02:13 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 25 Jun 2021 03:02:13 GMT
Location
https://all-news.co/
cf-request-id
0ae28052570000c2b307899000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=smceOaRnca43czYJ4k5IBxTp3eESUfOEkKxxSrRiBEnbL7kyJh7tut6ID6ew82%2FLRXpn9zVHd3xfFHvM1zIzqr1ln3wpTF5cnn4Xc4M3%2BYfH8Kp1mykDEk9ALpgrPpC6BphKawM%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
664a9cca2cb1c2b3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
style.min.css
all-news.co/wp-includes/css/dist/block-library/
57 KB
8 KB
Stylesheet
General
Full URL
https://all-news.co/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 14:30:28 GMT
server
cloudflare
etag
W/"e33b-5c003b4785ea5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=V2tCTRSkHKE4Jma5U8w9eKdsMbha4v%2FW67xi0%2BG3tRBVqyV68PohUl1o5HILmwFMNlNiLOC%2Bm2%2BRT0VGTDuBwfl%2FvWTPbcwvPIl%2BHMXNSBUp8N5uX0CALrq90v9Q4DTnl%2FPSTsY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
664a9cd149834e98-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28056ce00004e98fb98e000000001
cookie-law-info-public.css
all-news.co/wp-content/plugins/cookie-law-info/public/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://all-news.co/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.3
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

:path
/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=3109
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28056ce00004e981d101000000001
last-modified
Sun, 30 May 2021 00:00:13 GMT
server
cloudflare
etag
W/"c25-5c380cb083960"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=thi2JbZ1%2BLFR%2F8TBxlVr%2FVBw%2B30zs%2B6pFS6z8zBcTFU1JfQdg2oR3UWMaKbYhpOQc1IT4iQQorFgVvipFwFUOFab1kz9hs3cOlvAnnK2lEW5HtuBZ1cxo733WyVhp66xl0IvI%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
664a9cd149874e98-FRA
cf-bgj
minify
cookie-law-info-gdpr.css
all-news.co/wp-content/plugins/cookie-law-info/public/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://all-news.co/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.3
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d641d794ffeb8ab4a93449307f4da1d4cb4a9c7020ad7da4c2f630b03de6d1f7

Request headers

:path
/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=28525
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28056ce00004e980ab1e000000001
last-modified
Sun, 30 May 2021 00:00:13 GMT
server
cloudflare
etag
W/"6f6d-5c380cb083960"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PDqJvixn4QpLflPNgcdoJtxMTgDGsvavKkGHQ5uJtDLTvzv5qHIB1zjrmasmba%2FvH1yq%2Bp03oP2KME0hJIvkpnegFUeSsCZyWuFe8iWaXGo0Smj7ZGwSpSt4cOQVqGBb3S1Gm98%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
664a9cd149854e98-FRA
cf-bgj
minify
form-basic.css
all-news.co/wp-content/plugins/mailchimp-for-wp/assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://all-news.co/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.6
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c518ad5d0adbc0754bac8b71c958312a6bd77d4e318500fec44d929e00f857ec

Request headers

:path
/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1682
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28056cf00004e986019a000000001
last-modified
Thu, 24 Jun 2021 15:50:11 GMT
server
cloudflare
etag
W/"692-5c584fa6bcff6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nnVAKA3mT95PSYiY6eSD77%2FOBwmOx5UyB2da0GyjLErjT9Yf0bA8a2%2FYGGXviQfjuuTzVsyfU0VQ3frxz9%2BBClq3i1yMOu7G%2FPS3J38RCu3t1Uw0CR4nay2McL6v4piq%2FqiWsC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
664a9cd149894e98-FRA
cf-bgj
minify
style.css
all-news.co/wp-content/plugins/td-newsletter/
6 KB
2 KB
Stylesheet
General
Full URL
https://all-news.co/wp-content/plugins/td-newsletter/style.css?ver=11
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8ae14082f4d2088f2bcc4f8e3da3955343dd1e39e0a5f9333c45d6428c3cfc5

Request headers

:path
/wp-content/plugins/td-newsletter/style.css?ver=11
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=5831
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28056cf00004e9820a73000000001
last-modified
Sat, 19 Jun 2021 15:29:55 GMT
server
cloudflare
etag
W/"16c7-5c5201cb84492"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=N8UcdzXAtojjUqhEw9BgsG8RPQsvnl735XYOt%2BJO2OjiN2rId9I7pbd0MaGUxB7CyYVAIFQ8sgPxorJpHwd7n1M6ayzFK5yMTMEEJqtDTpVnR%2FkPTPJs26zMhesWhNH1IRNEEfY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
664a9cd149884e98-FRA
cf-bgj
minify
style.css
all-news.co/wp-content/plugins/td-composer/td-multi-purpose/
36 KB
5 KB
Stylesheet
General
Full URL
https://all-news.co/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=978887166a39c57c36d5cf4a5ec10289
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583

Request headers

:path
/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=978887166a39c57c36d5cf4a5ec10289
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=37284
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28056cf00004e98573eb000000001
last-modified
Sat, 19 Jun 2021 15:29:35 GMT
server
cloudflare
etag
W/"91a4-5c5201b905db7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8XHpP8Fpt6C%2BkyS5Y%2FGsDj%2F5kkUCNUEjPejC6%2BITVZThZfjJqGuuzxqaagIrs4DXxXi%2B8%2FrQu0jLleFSobhwc372JeHkwE6BhG55m3emmY%2FKBr7pEEB91Mpk2PCDql4ODF15rnY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
664a9cd1498d4e98-FRA
cf-bgj
minify
css
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9f89adb807450b421fba04a426e97d1ee2fdd2ec3be9b67c0d9bb8531b782bce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 02:02:14 GMT
server
ESF
date
Fri, 25 Jun 2021 02:02:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Jun 2021 02:02:14 GMT
style.css
all-news.co/wp-content/themes/Newspaper/
104 KB
18 KB
Stylesheet
General
Full URL
https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6

Request headers

:path
/wp-content/themes/Newspaper/style.css?ver=11
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=149057
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28056cf00004e98e821a000000001
last-modified
Sat, 19 Jun 2021 15:29:28 GMT
server
cloudflare
etag
W/"24641-5c5201b25fb08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oh1XvBApDWqKP%2BVtA3Pnivy9SHmsEe%2BweIVAfVfD3GMwiuWrVlY9%2F6yVGcuX2QgFBeez0yLI0UT68DIi1%2Fvout%2BX42Mi%2BLZfts4PfGnW7ak5%2Bpmq3YRfIeg%2B8CRxwjG8OZpUxQw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
664a9cd1498c4e98-FRA
cf-bgj
minify
QoWmwStuyYWa.css
all-news.co/wp-content/uploads/mQfuTlzSXWhq/
3 KB
1 KB
Stylesheet
General
Full URL
https://all-news.co/wp-content/uploads/mQfuTlzSXWhq/QoWmwStuyYWa.css?ver=2.2.3
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7da8d792ef771180eef9e592f2a3b5ebcc0f74eea6f5475d1a1e9e5665bb8448

Request headers

:path
/wp-content/uploads/mQfuTlzSXWhq/QoWmwStuyYWa.css?ver=2.2.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28056cf00004e98f681a000000001
last-modified
Mon, 26 Apr 2021 13:36:17 GMT
server
cloudflare
etag
W/"adc-5c0e03ae7e792"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5t4QiPsBrLllNSEamBDe%2Bs0TP0dABtuUzBpPYFlF48%2B8PopmxKtxoR1I2JR4opNDZJZCpOjbX6XWN2nYhKLwBJigEEHkKjr9HR4K2nlISBFGt600guQgy5YebTM5odYVZeSq7DA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
664a9cd1498b4e98-FRA
cf-bgj
minify
td_legacy_main.css
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/
125 KB
19 KB
Stylesheet
General
Full URL
https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b515a59174f30fe7c694f1b81a78f567ce671b24988e2e6e737ecaed26871af

Request headers

:path
/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=158728
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28056ce00004e9842338000000001
last-modified
Sat, 19 Jun 2021 15:29:35 GMT
server
cloudflare
etag
W/"26c08-5c5201b8741a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SFlWwslC9WAs5yzcsmhPNq2w98AqkKL5SzABJRgXYzZdknsFsnGMXwHTIoNkGeWmBOoLLcWJy2RHDf83OI7Te9sGo1uOVt0Mb%2Fs8i2xw5xSoM0IJ34eL9%2FlYWlykWRG%2FCCc4364%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
664a9cd1497d4e98-FRA
cf-bgj
minify
td_standard_pack_main.css
all-news.co/wp-content/plugins/td-standard-pack/Newspaper/assets/css/
569 KB
46 KB
Stylesheet
General
Full URL
https://all-news.co/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9aa5e1ff3d260687f7ac21c07b85571f
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6956cbfddf2ce28aee043ecd2b7dbc3ada3954646d7009c6dd1b5ca173f136f9

Request headers

:path
/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9aa5e1ff3d260687f7ac21c07b85571f
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=732364
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28056ce00004e9813045000000001
last-modified
Sat, 19 Jun 2021 15:30:00 GMT
server
cloudflare
etag
W/"b2ccc-5c5201d1276ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tnXiyRi2dAXEWlBFwHwhXXe9oZSWjqPQ6BizaOinYA%2Fe%2Bdd6dl9mCTfJq8znp%2Bwj5lfzXqNCFua6VbPk3uNWI0fZ8h93UHy9OoBZYkU%2FKmf%2FnplBpILoi%2FDxjrCmKJfpsGfQb3s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
664a9cd149804e98-FRA
cf-bgj
minify
jquery.min.js
all-news.co/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4761
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28056ce00004e98f80c6000000001
last-modified
Thu, 07 Jan 2021 11:51:38 GMT
server
cloudflare
etag
W/"15d98-5b84e0ffaa786"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BCoCGW8dhbl6aRPUdopMxdAPQ2lFe8b%2B4IbndFFg1HF6V4dnir%2FkDdaWX50OFEX1VKSGKqsoVkH%2FjcsYs8CybaUZpFTOL2%2FabGan8G1hcHBA2WeRnHHGFYDpX8PrzbnxcVqeMI0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
664a9cd1497e4e98-FRA
jquery-migrate.min.js
all-news.co/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4761
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28056ce00004e9809a56000000001
last-modified
Thu, 07 Jan 2021 11:51:38 GMT
server
cloudflare
etag
W/"2bd8-5b84e0ffba56e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AuFshJjewzMKeOI8ipCs1bqOred1IeDi0RTrLYst1vxDGwM4ItU5tXr9QwbZc6wP2i7iAThVrRwB%2FUVn5L5cqIUh4KR6%2F2RV4vducgGbNtyPCF13rIeMQMT6J3Zib82XkEQKKJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
664a9cd149824e98-FRA
cookie-law-info-public.js
all-news.co/wp-content/plugins/cookie-law-info/public/js/
28 KB
7 KB
Script
General
Full URL
https://all-news.co/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.3
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f8c9f1c471da8dae19554e26c6c423f31e5e687ea3892e4a73ada4be3179f86

Request headers

:path
/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4761
cf-polished
origSize=36312
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28056cf00004e985631f000000001
last-modified
Sun, 30 May 2021 00:00:13 GMT
server
cloudflare
etag
W/"8dd8-5c380cb083190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=b8XCFHSYMzR6BjRrCArCYwggEpGmo1ik6sgTLVOpKd4y7VatyS1GUa9mVQbMkoDeCXT1iHV8mm%2FWJ0xy18KorzZxQjp4sCvLRQZuCWQ%2BWXZE6uYjb3AnWOFz1snj%2FCMu4%2FihXsw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
664a9cd1498f4e98-FRA
cf-bgj
minify
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
136 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa62551ffb9f4f300d58b68cf6d4fddb7fc49ce1ed40d05fd4064156b0dc5837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49149
x-xss-protection
0
server
cafe
etag
14916098970332087282
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 02:02:15 GMT
wp-emoji-release.min.js
all-news.co/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://all-news.co/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6139
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae28058c700004e9818378000000001
last-modified
Thu, 04 Feb 2021 02:30:35 GMT
server
cloudflare
etag
W/"3795-5ba797d0ae7be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2iz9n7KxoVhc4sZkJ2qF75hyt%2FerFZS7sK50SUPRaQYkzl5vKtFj3ccJ86TFHlWTVMfR9X%2BL888GxaHlCDuaI9fOsEJ1TZN13MQNTEEMTp64p%2F6mb%2F0Zfc9DKIV%2FHbyK2R54J%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
664a9cd47d774e98-FRA
tdn_pic_2.png
all-news.co/wp-content/uploads/
38 KB
38 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/tdn_pic_2.png
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d89e938fe1ae43fab7b2c2724a54677a3f4ff882075196ef184993bd63ffd6b3

Request headers

:path
/wp-content/uploads/tdn_pic_2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:15 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
38534
cf-request-id
0ae28058db00004e9849ba6000000001
last-modified
Tue, 25 May 2021 04:49:47 GMT
server
cloudflare
etag
"9686-5c3204168bad0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k1zyJxLcoU5vyVqcsPGqJfGkD8FgkO%2FuPZndi3lmJ360RtrK7Z9lwwhOF0GzK2%2BcVz3GzlKIRjJ3qQhryMNdn7zCdeU2uRlbS%2FWZlyzZ57FJyUbz2f39sIcVu%2Ff6OxswObUKUaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cd49dc64e98-FRA
email-decode.min.js
all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
0ae280580700004e9802bb1000000001
last-modified
Thu, 17 Jun 2021 15:00:20 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60cb6384-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nCTPcc4ZHUmPTqlR8FvIqmRzuDkXpvVrT1k9B%2F29ESehIdeqfccT2nBW3jhp%2BzMCqWA%2BdvnY3BDZMSB8WxjlRmBKHXOwgbfkjc9E9dZc1dGQhfPy9sUa02YN7u%2B32TvK9hxxFo4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
cf-ray
664a9cd33bef4e98-FRA
expires
Sun, 27 Jun 2021 02:02:14 GMT
underscore.min.js
all-news.co/wp-includes/js/
16 KB
6 KB
Script
General
Full URL
https://all-news.co/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

:path
/wp-includes/js/underscore.min.js?ver=1.8.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6138
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae280581000004e984e951000000001
last-modified
Thu, 15 Apr 2021 14:30:28 GMT
server
cloudflare
etag
W/"3ead-5c003b4783b7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AmSW25sr4rmtYLxSqor3BYJwkH23e4sbnxlSxUOUFNGQ0V48jatGlpEfHmesDm9HW46sogrepb5a87v6yDXDkkKxNw0FZ543PpA2zdbLq0iQa%2FEOS1b93otkBkeMyQ4muK1ofzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
664a9cd34bfe4e98-FRA
js_posts_autoload.min.js
all-news.co/wp-content/plugins/td-cloud-library/assets/js/
5 KB
2 KB
Script
General
Full URL
https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e

Request headers

:path
/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4761
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae280581e00004e9802bb2000000001
last-modified
Sat, 19 Jun 2021 15:29:42 GMT
server
cloudflare
etag
W/"1428-5c5201c00d31a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KVnqYTyikLSDUTN4BIB%2FmKdipgDEBjT%2Fo2RefvWk32WMxx7ulKu2rC5%2F%2BxOLBErq8MuYSLr6amMbRr87KLpSVCzhnd46X1Yp657hlfTD8eolI5fDLi2z9En7uMfhJz8b46Ff2Uw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
664a9cd36c1b4e98-FRA
tagdiv_theme.min.js
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/
257 KB
56 KB
Script
General
Full URL
https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574

Request headers

:path
/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6138
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae280582c00004e980d17e000000001
last-modified
Sat, 19 Jun 2021 15:29:35 GMT
server
cloudflare
etag
W/"4029c-5c5201b875148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YUeR%2BrE2RoqaQ6ZFldrlchwj5OR4emyXtFSPpgH2Q7fOeVGkNdJfI3RgGfTAzkdIxCByh3ImCwZjetzzaUGDhIhE6AAH0WfGUDxL8wIXLNG3urjvFAyr5WmaruhL1h%2BZWHeqXhY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
664a9cd37c2d4e98-FRA
comment-reply.min.js
all-news.co/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://all-news.co/wp-includes/js/comment-reply.min.js?ver=5.7.2
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6138
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae280584b00004e981a939000000001
last-modified
Thu, 15 Apr 2021 14:30:28 GMT
server
cloudflare
etag
W/"ba8-5c003b4783f65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=79wCx7bOOW6etk1QyOUJd34HyUrd8R5NWGeT6VU2rK1wo9qHAjFxUHAY7DqKuQnMhNqCeyZQCPozD0i6ZLu39qOH37HQjNl0g%2Bt2oqDzDjVr0sEv264jpX9Faym9ylTYRp3kUIg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
664a9cd3ac704e98-FRA
kddsnszlCWqm.js
all-news.co/wp-content/uploads/mQfuTlzSXWhq/
14 KB
4 KB
Script
General
Full URL
https://all-news.co/wp-content/uploads/mQfuTlzSXWhq/kddsnszlCWqm.js?ver=2.2.3
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df85aac876d06864d10bb0fc5f45c6fa28870ed4eda966f3082d52e42173d962

Request headers

:path
/wp-content/uploads/mQfuTlzSXWhq/kddsnszlCWqm.js?ver=2.2.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6139
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae280585a00004e9809a6a000000001
last-modified
Mon, 26 Apr 2021 13:36:17 GMT
server
cloudflare
etag
W/"396a-5c0e03aea02a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BSte69sjZS2FFIDxTCwf6rbAPLHOgmgNX%2FN8bZrsRqy6X9u2Igu82qPow0Hcl8kjmVDX8mDI4ZcWzlq9B5fx9b6SO%2Fc8zFxLoe2RR479bn7lO%2BSKjKTxbfg72je1zH1TVmt8740%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
664a9cd3cc8f4e98-FRA
cf-bgj
minify
js_files_for_front.min.js
all-news.co/wp-content/plugins/td-cloud-library/assets/js/
36 KB
8 KB
Script
General
Full URL
https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c510fe49c3ec5fd57ac7ead341655699156a63fe10195347dfeae1dc53f909

Request headers

:path
/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6139
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae280586800004e98ffb95000000001
last-modified
Sat, 19 Jun 2021 15:29:42 GMT
server
cloudflare
etag
W/"9176-5c5201c00d31a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iTyj%2FMFQWlcH93RiYq50NBIlbeDa77nsxH29jWfX3d4NQtspDkwuKsYzyS1FYbItP3nrVa2wSyFp4KJahM4PpPi1g14h2nITQOaCFtCWM283WEG0YSxu%2FQVbRNZ94WRDstEVB78%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
664a9cd3dcb04e98-FRA
wp-embed.min.js
all-news.co/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://all-news.co/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6139
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae280587800004e98ec3de000000001
last-modified
Thu, 04 Feb 2021 02:30:35 GMT
server
cloudflare
etag
W/"592-5ba797d0ae3d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OjpAMq5VtB0p0iCDakUTNrHFxGI2tA0DgcM%2Fo7THpUBqXBMrxSf6DAz6ScGQ8ndtknJd9J0gBAZtVe8KPeOyxJpJCJndr05cPGhwZC9405oFz4Bu9h0wCbsVVnEdl%2B%2BcPl6gFXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
664a9cd3fcd14e98-FRA
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.2
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe8b2264b7ef7ae4f5b3ee5fa827b2744a843804a417cc0b39a4f0e9f64f07ed

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:15 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1177
etag
W/"5fc2f559bc639be298da1ed4b804eeda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
664a9cd999e14eda-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae2805c0600004edac6224000000001
expires
Mon, 28 Jun 2021 02:02:15 GMT
v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR
steadfastsystem.com/
103 KB
30 KB
Script
General
Full URL
https://steadfastsystem.com/v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.90.190.35.bc.googleusercontent.com
Software
/
Resource Hash
7167d98c8fcd2cb5b9cefa7741a83503479e45ebf46cab634437c4d9ecda4dc5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"a482df376251d3b006a148250b432330fd44baf664cb5b2f12a65a7cfb64c0ca"
vary
Accept-Encoding, Accept-Language
x-hostname
fb372900
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Fri, 25 Jun 2021 02:02:16 GMT
timing-allow-origin
*
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
1327
date
Fri, 25 Jun 2021 01:40:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Fri, 25 Jun 2021 03:40:08 GMT
mobile-bg.jpg
all-news.co/wp-content/uploads/2021/01/
43 KB
43 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/01/mobile-bg.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a

Request headers

:path
/wp-content/uploads/2021/01/mobile-bg.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:16 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43847
cf-request-id
0ae2805c1900004e981a96a000000001
last-modified
Sat, 30 Jan 2021 22:15:34 GMT
server
cloudflare
etag
"ab47-5ba2575ae8adc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vSX2%2F7dgbDaIvWKw0AJDIAiZu3aIEMBGw0av2rPl8fw5Sya%2B2nfbKWHBZeEVQjyQdUEIeg9NXkiR2Yn5QcIfsJMogaJ8LmzBz%2FSisp0DrQIHZT4Dpo7wKZn1xJfNfKO5v1WnB98%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cd9cbeb4e98-FRA
newspaper.woff
all-news.co/wp-content/themes/Newspaper/images/icons/
24 KB
17 KB
Font
General
Full URL
https://all-news.co/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by
Host: all-news.co
URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

:path
/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
pragma
no-cache
origin
https://all-news.co
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
all-news.co
referer
https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://all-news.co
Referer
https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:16 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 19 Jun 2021 15:29:28 GMT
server
cloudflare
etag
W/"6120-5c5201b260aa8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7U0ZEB5tTEMFKJqbCp%2FEztzM%2FL68zYBXsaqsC1LsvS4coFZu7hBOMjd%2BQXTjeitbfoJd7DhETOfeiBgJV223h8O%2Bl4Om%2BLkdnyAmniqTKvob%2FMziXm9%2BPGWKnVQarXsJm4Sp3AI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
664a9cd9cbf14e98-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae2805c1a00004e982dab8000000001
newspaper-icons.woff
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/
6 KB
4 KB
Font
General
Full URL
https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
Requested by
Host: all-news.co
URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

:path
/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
pragma
no-cache
origin
https://all-news.co
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
all-news.co
referer
https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://all-news.co
Referer
https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:16 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 19 Jun 2021 15:29:34 GMT
server
cloudflare
etag
W/"1744-5c5201b86b508"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IU73j18uT0VZ23Ed%2FGPMS3ukic4FglU4jXc4ZbmpADgwNzvoUlUppb8mdaOMaRdHTfREZFbHihv33qU9QzJGSG%2BGmVXsknfIeTOijQy5qyJFw%2BZyPcWoo6qvJf6j%2F3YIcST8vgs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
664a9cd9cbf34e98-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae2805c1a00004e983f8ae000000001
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://all-news.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 22:24:53 GMT
x-content-type-options
nosniff
age
185842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 22:24:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://all-news.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 22:24:55 GMT
x-content-type-options
nosniff
age
185841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 22:24:55 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://all-news.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 02:11:10 GMT
x-content-type-options
nosniff
age
85866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jun 2022 02:11:10 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/
240 KB
89 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45438ac938e6613185f4cec0aac33ce6946e88ece9ffd9f916859e08d6509454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91015
x-xss-protection
0
server
cafe
etag
11458787442517343973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 02:02:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210623/r20190131/ Frame B9A5
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210623/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210623/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://all-news.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://all-news.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 24 Jun 2021 03:56:11 GMT
expires
Thu, 08 Jul 2021 03:56:11 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
cache-control
public, max-age=1209600
age
79565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://all-news.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 18:46:29 GMT
x-content-type-options
nosniff
age
198947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 18:46:29 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://all-news.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 20:30:42 GMT
x-content-type-options
nosniff
age
192694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:26 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 20:30:42 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://all-news.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 23:21:38 GMT
x-content-type-options
nosniff
age
96038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 23:21:38 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=335480642&t=pageview&_s=1&dl=https%3A%2F%2Fall-news.co%2F&ul=en-us&de=UTF-8&dt=Home%20-%20all-news&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1711532553&gjid=1639239976&cid=1340124796.1624586536&tid=UA-185019636-1&_gid=2098185767.1624586536&_r=1&_slc=1&z=705947227
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://all-news.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
201 B
656 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=all-news.co&callback=_gfp_s_&client=ca-pub-8439024877331049
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
7b136f2755dc6847f5fb531065d41450fed78dd9a8d8b944d17b3682c2a3b488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=all-news.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 02:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
317 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=all-news.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 02:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9DBF
23 KB
1 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1624586536&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536187&bpp=6&bdt=1602&idt=212&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6215114917117&frm=20&pv=2&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=227
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
687664f81f53e508f1215fd0dcc1d9b9e489441f1536177024b559808c2f53ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1624586536&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536187&bpp=6&bdt=1602&idt=212&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6215114917117&frm=20&pv=2&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=227
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://all-news.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://all-news.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 25 Jun 2021 02:02:16 GMT
server
cafe
content-length
1372
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 25-Jun-2021 02:17:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Jun 2021 02:02:16 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:16 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469958711216"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27719
x-xss-protection
0
expires
Fri, 25 Jun 2021 02:02:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-8439024877331049&c=11&e=2570847921467975139&n=0&t=0&w=446&x=4
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B358
66 KB
23 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f78d7d0dc05cd36b1fd3bbf0175b4a019753700b6bfcaaba254146889135c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://all-news.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://all-news.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 25 Jun 2021 02:02:16 GMT
server
cafe
content-length
23255
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 25-Jun-2021 02:17:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Jun 2021 02:02:16 GMT
cache-control
private
elements.png
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/
4 KB
5 KB
Image
General
Full URL
https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by
Host: all-news.co
URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

:path
/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
pragma
no-cache
cookie
_ga=GA1.2.1340124796.1624586536; _gid=GA1.2.2098185767.1624586536; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:16 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6130
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4149
cf-request-id
0ae2805e1300004e982e2a2000000001
last-modified
Sat, 19 Jun 2021 15:29:34 GMT
server
cloudflare
etag
"1035-5c5201b86b120"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Qmzow7RmYpqF%2BLGwHWYimP1N72yf%2Bu8xagft5rqBPMiSOIc3i5OBKN0CssEJVZFU29MP%2B8qhLbUjqlHtEw0VCV2WviMqtWe0aMMK%2FxHtMd4loREwX%2BiSnpqigB15A6%2FUYmvZ1Qg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cdce87a4e98-FRA
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=all-news.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 02:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=all-news.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 02:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3899
15 KB
7 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ed1655a19216276f3eba2b2fc91f050bc40a0fb36208512f4be89cb5d772c7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://all-news.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://all-news.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 25 Jun 2021 02:02:17 GMT
server
cafe
content-length
6950
x-xss-protection
0
set-cookie
IDE=AHWqTUkAbRGyBCJd8njeDviWgw1ssPSgV5wDhMgGvPjBa0bz6Qoichz22z9UT45p7JQ; expires=Wed, 20-Jul-2022 02:02:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Jun 2021 02:02:17 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6298
15 KB
7 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f722a571a6ddc2c4b3ae3aa1d2c80c29033ddfaf8fe9abbd4a3ac8a7006cbd91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://all-news.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://all-news.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 25 Jun 2021 02:02:17 GMT
server
cafe
content-length
6934
x-xss-protection
0
set-cookie
IDE=AHWqTUkPNTTWsOK0eR3V0xW9JX2CemGHx_aZRV2mliWFbNCi2ljYsd3jIpoFYA0pEGw; expires=Wed, 20-Jul-2022 02:02:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Jun 2021 02:02:17 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 99CC
72 KB
25 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fb557165b1e690325427140f50a990a0fe6dd6eee363510a374ba8c72593d62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://all-news.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://all-news.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 25 Jun 2021 02:02:17 GMT
server
cafe
content-length
25875
x-xss-protection
0
set-cookie
IDE=AHWqTUkd8jK6Z782po8wTvbSNAlcUndZENwKtBtzI2XpCKLGxiPmSfcxhiocV16fiCM; expires=Wed, 20-Jul-2022 02:02:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Jun 2021 02:02:17 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 7AA2
16 KB
7 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e5a7e4585e29df53872541ed63901049bf704de5a2df6fc1efc2aa320535acc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://all-news.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://all-news.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 25 Jun 2021 02:02:17 GMT
server
cafe
content-length
7250
x-xss-protection
0
set-cookie
IDE=AHWqTUld1a3kEbNg7TrHRQ7riClGBnoxM38oCZ-1Ra0uiB9qDERbc0_mJgWJagcU8es; expires=Wed, 20-Jul-2022 02:02:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Jun 2021 02:02:17 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 49AF
71 KB
25 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
051451d034c0ad3bed03c213a8bfff3d9019f2019bc321ff5a32247b72faf126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://all-news.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://all-news.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 25 Jun 2021 02:02:17 GMT
server
cafe
content-length
25661
x-xss-protection
0
set-cookie
IDE=AHWqTUms9G06ITb-13nDuhDgymZW_lchXmoVnaRmkHyfUhhjagc1t8hBt5h_xNIufmM; expires=Wed, 20-Jul-2022 02:02:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Jun 2021 02:02:17 GMT
cache-control
private
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://all-news.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 16:47:53 GMT
x-content-type-options
nosniff
age
206063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:47:53 GMT
footer_bg.jpg
all-news.co/wp-content/uploads/2021/01/
105 KB
106 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/01/footer_bg.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a

Request headers

:path
/wp-content/uploads/2021/01/footer_bg.jpg
pragma
no-cache
cookie
_ga=GA1.2.1340124796.1624586536; _gid=GA1.2.2098185767.1624586536; _gat=1; __gads=ID=f78b96b70e68b1a4-226cc1bc0cc900ab:T=1624586536:RT=1624586536:S=ALNI_MbmhCUygYISe4bKQClqP-40_C6OUw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:18 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
107441
cf-request-id
0ae2805f6e00004e980ab92000000001
last-modified
Sat, 30 Jan 2021 22:15:20 GMT
server
cloudflare
etag
"1a3b1-5ba2574d2c0a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WTHhKLrtCDhomQojk28yLe%2BX7gMyaBTOMn1c%2BbKsjCzYyBKrK0eYL%2F4pmIN97OxK3lByI4dEFV%2BRHYAWXPzw%2Bg3jItzGK74SPPYiN43UF6eRR4h9FjiSymo3Cp0JUpROLrz4ThY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cdf1b7e4e98-FRA
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
css
fonts.googleapis.com/ Frame B358
4 KB
713 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 01:40:30 GMT
server
ESF
date
Fri, 25 Jun 2021 02:02:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Jun 2021 02:02:16 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame B358
1 KB
990 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 23:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jul 2021 23:50:23 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/ Frame B358
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 00:43:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7073
x-xss-protection
0
server
cafe
etag
4951781748486473094
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 00:43:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame B358
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 00:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 00:36:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B358
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469964731542"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
expires
Fri, 25 Jun 2021 02:02:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame B358
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 01:55:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
server
cafe
etag
5108850372203985220
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 01:55:33 GMT
5be26e13f65761684aaaff0594247b1f.js
www.gstatic.com/mysidia/ Frame B358
25 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/5be26e13f65761684aaaff0594247b1f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 13:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10687
x-xss-protection
0
last-modified
Thu, 17 Jun 2021 06:31:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 Sep 2021 13:49:51 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/10710568119199201472/ Frame B358
10 KB
10 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10710568119199201472/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ceae493ba2fb4e513e151a8c8bd98f58f35b519147aab0ab8ced6da9724a6a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 11:08:04 GMT
x-content-type-options
nosniff
age
140053
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10341
x-xss-protection
0
last-modified
Wed, 08 Jul 2020 10:38:49 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 11:08:04 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B358
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CtNCjKDnVYOflHPPd7_UP9O2muAPnstqgY8TnpoD_C4Gp3s75ChABIMzT7IIBYJUCoAHM-7H_A8gBBqkCPHRA1KUEtD6oAwHIA8sEqgS6AU_QM_IRjnRrEwHcZTycWJOMwa5rk5F36hvDbxkxRwXgOwqtFCBkkDFfOHeNh_c49yd8VfQYHPwTSuNINmYXH7s8ycXz03MBmNXWXJOVaNzz74v1oXy8R-kQtQFQqV5R-XPLLXVNoy9m1Rl8M6vq1TdCN8EgbGc2apEaxgq3NzwAZGzwfbuzuJ824PWlb5rEJu6ZHQVtidf6O-zFdVCZtziSy-AcBhOf5bt_W3YYe8Yuw3AAvuXxTkHbn8AEnIqWyIYDkgUECAQYAZIFBAgFGASgBjeAB5yETqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCuqwLSCAkIgOGAEBABGB-ACgHICwHYEw2IFAfQFQGAFwGyFxoKGAgAEhRwdWItODQzOTAyNDg3NzMzMTA0OQ&sigh=catyUgmqfA0&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 25 Jun 2021 02:02:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 25 Jun 2021 02:02:17 GMT
Asvju
ad.doubleclick.net/ddm/adj/Aurhp/
11 B
568 B
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/Aurhp/Asvju
Requested by
Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A2B6
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CiyBbKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEtgFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3uUhAUDqcLCiypHBmlCRDH9dO4AGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTg0MzkwMjQ4NzczMzEwNDk&sigh=El53MOa-k0k
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/issosales/hrefly.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 25 Jun 2021 02:02:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame A2B6
0
0
Fetch
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1je187xd9ct3ezfraxv9sywce40mdxwmn6fwbnc3qypjvjnsa2brpfh5qkkzhrcyad8zasa638j7ctqmedredn1atqywynt1yxyw7q6pa75kmsc6a0b2vpr19ypcvsh5xe94wwnyygge9ndvj4t139b7qjfdwbmq4fw56xndp405wbdrtn3gcts1cyty0xhk32gd4pgfe7b8csd4czx82ha2g3cw27n1qpbhnmc29gw7pyyzzpwqx85cyr9afqfk42wv1q7btr3w9mztynbjgqj71gjk6wywg8hnz7ndpa9rhcbekset9whsz70rbxf1jpphxn6ae5nn699n7ymfsa2zna9k3hy2m9nsapsg0btwkm43ymrh78k29pxcv1717sd4xerf&b=YNU5KAAKq6YIu-Q4AAY0AdJar7f21f6DfHjyxQ
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/issosales/hrefly.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame 8586
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/ad/dr?ed=1g5sxvahccwpm8q4e0abnt88t3x7jv29sehtfhvy0ctbgbmh4ehrj14ndd3z6hy8qasqfmfyxw1yk646mn54b67wqez0k1bqa9s41chk8cgqm957p69499672zqtkdk1t9xsznznt7k43jeh77mec7f2168cz89aych115et8pjnj8yjbf6wh641h44zwj0an0q8sqfzbw54je2qm7hcjfx2g432xj3wdvw432j49jynfbc1tec94md59fwb1jny75nrskdw3q9e9mgrdc30g1v5r9rvaamn0n2c5064kffztvs12k8npzpx28408trpm7kva46033qkg4gpz5z839t42wvwhcap28q6qwrz9es0hgqcwv8ffz9efrv3j&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%26client%3Dca-pub-8439024877331049%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3f836d360ac3910efc2fdf7db41dfbfd0af1971a905291cfd1d45469caaee0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1g5sxvahccwpm8q4e0abnt88t3x7jv29sehtfhvy0ctbgbmh4ehrj14ndd3z6hy8qasqfmfyxw1yk646mn54b67wqez0k1bqa9s41chk8cgqm957p69499672zqtkdk1t9xsznznt7k43jeh77mec7f2168cz89aych115et8pjnj8yjbf6wh641h44zwj0an0q8sqfzbw54je2qm7hcjfx2g432xj3wdvw432j49jynfbc1tec94md59fwb1jny75nrskdw3q9e9mgrdc30g1v5r9rvaamn0n2c5064kffztvs12k8npzpx28408trpm7kva46033qkg4gpz5z839t42wvwhcap28q6qwrz9es0hgqcwv8ffz9efrv3j&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%26client%3Dca-pub-8439024877331049%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0ae280607a00004e79dc8ae000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664a9ce0cd254e79-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame A2B6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 01:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2038
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 01:28:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5EE8
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 24 Jun 2021 08:59:18 GMT
expires
Fri, 25 Jun 2021 08:59:18 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
61379
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A2B6
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469964731542"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
expires
Fri, 25 Jun 2021 02:02:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame A2B6
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 01:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
server
cafe
etag
5108850372203985220
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 01:56:07 GMT
truncated
/ Frame B358
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e9503e4c5b5ac098fa4ff7d3642d7d1780e67cdfd1b46e5cd2753b19ade0549

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B358
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 22:24:55 GMT
x-content-type-options
nosniff
age
185842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 22:24:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B358
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 23:21:38 GMT
x-content-type-options
nosniff
age
96039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 23:21:38 GMT
truncated
/ Frame A2B6
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b1cbc383ac806637d5f810b9ef3c4a90aec32ccf3329e9e043405effda5828d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 3D37
3 KB
1 KB
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Requested by
Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-23/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://all-news.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://all-news.co/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1479
date
Wed, 23 Jun 2021 12:08:13 GMT
expires
Thu, 23 Jun 2022 12:08:13 GMT
last-modified
Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
136444
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
pagead2.googlesyndication.com/bg/ Frame 507E
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624586536&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536212&bpp=6&bdt=1628&idt=229&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4RGcUBNUX9&p=https%3A//all-news.co&dtd=242
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 20:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
191988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5744
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jun 2022 20:42:29 GMT
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame 8586
58 KB
59 KB
Stylesheet
General
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1g5sxvahccwpm8q4e0abnt88t3x7jv29sehtfhvy0ctbgbmh4ehrj14ndd3z6hy8qasqfmfyxw1yk646mn54b67wqez0k1bqa9s41chk8cgqm957p69499672zqtkdk1t9xsznznt7k43jeh77mec7f2168cz89aych115et8pjnj8yjbf6wh641h44zwj0an0q8sqfzbw54je2qm7hcjfx2g432xj3wdvw432j49jynfbc1tec94md59fwb1jny75nrskdw3q9e9mgrdc30g1v5r9rvaamn0n2c5064kffztvs12k8npzpx28408trpm7kva46033qkg4gpz5z839t42wvwhcap28q6qwrz9es0hgqcwv8ffz9efrv3j&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1g5sxvahccwpm8q4e0abnt88t3x7jv29sehtfhvy0ctbgbmh4ehrj14ndd3z6hy8qasqfmfyxw1yk646mn54b67wqez0k1bqa9s41chk8cgqm957p69499672zqtkdk1t9xsznznt7k43jeh77mec7f2168cz89aych115et8pjnj8yjbf6wh641h44zwj0an0q8sqfzbw54je2qm7hcjfx2g432xj3wdvw432j49jynfbc1tec94md59fwb1jny75nrskdw3q9e9mgrdc30g1v5r9rvaamn0n2c5064kffztvs12k8npzpx28408trpm7kva46033qkg4gpz5z839t42wvwhcap28q6qwrz9es0hgqcwv8ffz9efrv3j&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8139790
cf-polished
origSize=59196
x-guploader-uploadid
ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
58969
cf-request-id
0ae280610b00004ed3e49ac000000001
last-modified
Tue, 16 Mar 2021 10:53:32 GMT
server
cloudflare
etag
"44274c587ed8382583221bb023d51c5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1GCPzDM9fs7NRzbPMFEXbST8AaHgrb46t1PBotK0rZTZefL2fXEJEoZnC4lkSoT5TW28bVVvxAo80F7Y6dIas43QgmUm7jt3cFOMhhKgSPpLpy0oIVlVhKrA29daLthX"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615892011975494
content-type
text/css
expires
Tue, 22 Mar 2022 20:59:07 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
664a9ce1ae6b4ed3-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 8586
36 KB
12 KB
Script
General
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1g5sxvahccwpm8q4e0abnt88t3x7jv29sehtfhvy0ctbgbmh4ehrj14ndd3z6hy8qasqfmfyxw1yk646mn54b67wqez0k1bqa9s41chk8cgqm957p69499672zqtkdk1t9xsznznt7k43jeh77mec7f2168cz89aych115et8pjnj8yjbf6wh641h44zwj0an0q8sqfzbw54je2qm7hcjfx2g432xj3wdvw432j49jynfbc1tec94md59fwb1jny75nrskdw3q9e9mgrdc30g1v5r9rvaamn0n2c5064kffztvs12k8npzpx28408trpm7kva46033qkg4gpz5z839t42wvwhcap28q6qwrz9es0hgqcwv8ffz9efrv3j&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e

Request headers

Referer
https://ad4m.at/ad/dr?ed=1g5sxvahccwpm8q4e0abnt88t3x7jv29sehtfhvy0ctbgbmh4ehrj14ndd3z6hy8qasqfmfyxw1yk646mn54b67wqez0k1bqa9s41chk8cgqm957p69499672zqtkdk1t9xsznznt7k43jeh77mec7f2168cz89aych115et8pjnj8yjbf6wh641h44zwj0an0q8sqfzbw54je2qm7hcjfx2g432xj3wdvw432j49jynfbc1tec94md59fwb1jny75nrskdw3q9e9mgrdc30g1v5r9rvaamn0n2c5064kffztvs12k8npzpx28408trpm7kva46033qkg4gpz5z839t42wvwhcap28q6qwrz9es0hgqcwv8ffz9efrv3j&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA==
date
Fri, 25 Jun 2021 02:02:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
49999
x-guploader-uploadid
ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae280610a00004ed3ac3a8000000001
last-modified
Mon, 14 Jun 2021 12:08:33 GMT
server
cloudflare
etag
W/"ff92efa079e8c446e6e02ffafd7c9154"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=irF6NXejJ0dx1awwOvgJ%2FcTeJ7X5aeu8Aop%2B2DZJ1tkusMroL8DHj%2Bh3XNYr1oXQlEylfBK7QMHgAZpNZ8YF36iExgTegLhxHMxBULFa10adX2SpgKCtSReIkKOtort8"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623672513020985
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11953
cf-ray
664a9ce1ae6a4ed3-FRA
expires
Thu, 24 Jun 2021 12:08:58 GMT
css
fonts.googleapis.com/ Frame 49AF
6 KB
668 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 01:46:49 GMT
server
ESF
date
Fri, 25 Jun 2021 02:02:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Jun 2021 02:02:17 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 49AF
1 KB
909 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 23:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jul 2021 23:50:23 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/ Frame 49AF
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 00:43:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7073
x-xss-protection
0
server
cafe
etag
4951781748486473094
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 00:43:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 49AF
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 00:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 00:36:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 49AF
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469964731542"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
expires
Fri, 25 Jun 2021 02:02:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 49AF
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 01:55:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
server
cafe
etag
5108850372203985220
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 01:55:33 GMT
l
www.google.com/ads/measurement/ Frame 49AF
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqsjxFujda6tRBr4PpS-fFVVUBcj4SKZVDi4lu4u74VLvQ0LriR1h65nkKF1BROhWulAb9I-Y9TOOLKyT8YWOwm_umwQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

5be26e13f65761684aaaff0594247b1f.js
www.gstatic.com/mysidia/ Frame 49AF
25 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/5be26e13f65761684aaaff0594247b1f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 13:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10687
x-xss-protection
0
last-modified
Thu, 17 Jun 2021 06:31:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 Sep 2021 13:49:51 GMT
dpixel
cms.quantserve.com/ Frame 5EE8
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFIsgr8O9sJyulAxHutWr8M&google_cver=1&google_push=AYg5qPKOmkOzPvRq1egUDwulVGjQ4HpOXqqZXLwkEhQgVsMUYrmOGjIG81zqeMpT5OrydBHFQF1BFHnSXgNOYw8GNSaqpgYWNv7U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5EE8
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEHUAChaVt4ejHQlMqrZdUmE&google_cver=1&google_push=AYg5qPI8TVDCmXhUlaH2IPbZcpx803ZeFctdgjuAL7yVB22P5psOxW0ZKnrYhwUeoocihKUnrHO66kW5pPe4ZC5wHimL_tEa1omu
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI8TVDCmXhUlaH2IPbZcpx803ZeFctdgjuAL7yVB22P5psOxW0ZKnrYhwUeoocihKUnrHO66kW5pPe4ZC5wHimL_tEa1omu&google_hm=Q0FFU0VIVUFDaGFWdDRla...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI8TVDCmXhUlaH2IPbZcpx803ZeFctdgjuAL7yVB22P5psOxW0ZKnrYhwUeoocihKUnrHO66kW5pPe4ZC5wHimL_tEa1omu&google_hm=Q0FFU0VIVUFDaGFWdDRla...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI8TVDCmXhUlaH2IPbZcpx803ZeFctdgjuAL7yVB22P5psOxW0ZKnrYhwUeoocihKUnrHO66kW5pPe4ZC5wHimL_tEa1omu&google_hm=Q0FFU0VIVUFDaGFWdDRlakhRbE1xclpkVW1F&google_tc=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI8TVDCmXhUlaH2IPbZcpx803ZeFctdgjuAL7yVB22P5psOxW0ZKnrYhwUeoocihKUnrHO66kW5pPe4ZC5wHimL_tEa1omu&google_hm=Q0FFU0VIVUFDaGFWdDRlakhRbE1xclpkVW1F&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
432
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5EE8
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESECBbNjm3ARfXAd_BGNtW3Us&google_cver=1&google_push=AYg5qPJJZCPoKhFBJgoh454xDnBUY6Y3OyWQd1zLjwgdKzMX043E7l6p2jbi1QCH-bOZ891njJzkGND-aVp70eYJwtCs2S6mtyk
  • https://rtb.openx.net/sync/dds?google_gid=CAESECBbNjm3ARfXAd_BGNtW3Us&google_cver=1&google_push=AYg5qPJJZCPoKhFBJgoh454xDnBUY6Y3OyWQd1zLjwgdKzMX043E7l6p2jbi1QCH-bOZ891njJzkGND-aVp70eYJwtCs2S6mtyk&o...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJJZCPoKhFBJgoh454xDnBUY6Y3OyWQd1zLjwgdKzMX043E7l6p2jbi1QCH-bOZ891njJzkGND-aVp70eYJwtCs2S6mtyk
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJJZCPoKhFBJgoh454xDnBUY6Y3OyWQd1zLjwgdKzMX043E7l6p2jbi1QCH-bOZ891njJzkGND-aVp70eYJwtCs2S6mtyk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:16 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJJZCPoKhFBJgoh454xDnBUY6Y3OyWQd1zLjwgdKzMX043E7l6p2jbi1QCH-bOZ891njJzkGND-aVp70eYJwtCs2S6mtyk
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
q1grqiksmo3k0dgdnppmev1hllqcf6ad
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5EE8
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDReIPC8YzfVcuVrW9oBFGI&google_cver=1&google_push=AYg5qPIAnVtarQvvLY56m26ODDGvykkXJwThYXtH-JNSbqR2FAui5gbrpjlgGLxEA5l6CZLm2lbhqxBmIN-6g0qG2kmZHIn-kUbZ&rdf=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8

Redirect headers

location
/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDReIPC8YzfVcuVrW9oBFGI&google_cver=1&google_push=AYg5qPIAnVtarQvvLY56m26ODDGvykkXJwThYXtH-JNSbqR2FAui5gbrpjlgGLxEA5l6CZLm2lbhqxBmIN-6g0qG2kmZHIn-kUbZ&rdf=1
date
Fri, 25 Jun 2021 02:02:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 5EE8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE9yod3P_xdInSJFkoTU8dM&google_cver=1&google_push=AYg5qPJMPvYNU25XA9W4Qb3_z1nWeZ5uzYYQvPl7rsnHOnoX2FbkbXBBp-msDOqezBp5te6mNVg...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZNVTItNi00UVVD&google_push=AYg5qPJMPvYNU25XA9W4Qb3_z1nWeZ5uzYYQvPl7rsnHOnoX2FbkbXBBp-msDOqezBp5te6mNVg7v1dMGMtpRM8sll41QHqaVhs
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZNVTItNi00UVVD&google_push=AYg5qPJMPvYNU25XA9W4Qb3_z1nWeZ5uzYYQvPl7rsnHOnoX2FbkbXBBp-msDOqezBp5te6mNVg7v1dMGMtpRM8sll41QHqaVhs&googl...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZNVTItNi00UVVD&google_push=AYg5qPJMPvYNU25XA9W4Qb3_z1nWeZ5uzYYQvPl7rsnHOnoX2FbkbXBBp-msDOqezBp5te6mNVg7v1dMGMtpRM8sll41QHqaVhs&google_tc=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZNVTItNi00UVVD&google_push=AYg5qPJMPvYNU25XA9W4Qb3_z1nWeZ5uzYYQvPl7rsnHOnoX2FbkbXBBp-msDOqezBp5te6mNVg7v1dMGMtpRM8sll41QHqaVhs&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
411
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5EE8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F...
0
0

trk
ag.innovid.com/ Frame 5EE8
43 B
296 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMLhiHkBTbdn5h5OwPYsdWc&google_cver=1&google_push=AYg5qPLRy522Q7Vbopr1E9WRXSkvwJnXm0xiFNEK4kA9vJSTd_sul9FNrQTYB45wHiqbIcSh1EdFWTqbk97tooQGxPZ07rItnSOG
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:d5a3:82d4:c5d1:6c2f London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 5EE8
0
253 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LdB-n-a9DguIFGIP4JTvxM9fhi4Bm1KTnqb4ra9QQOVbvJHCJZJ6rqmDlMsV0Llt4zViM0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KrHR1BBWNe&p=https%3A//all-news.co&dtd=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame 1E9D
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CciT5KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvAFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROWKj7VWJS0UQcUippO5ONXl9GIAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTg0MzkwMjQ4NzczMzEwNDk&sigh=CwITy_oWK24
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/issosales/hrefly.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 25 Jun 2021 02:02:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 1E9D
0
0
Fetch
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1ka4dtabfe01c87k08hdxgbj043s0h2hbxpgp6shapv964dx7x58pg628d7ksd19g05asqkvbtawbxs5wxn5p0bc2pv4whk1be2bsfq1tz4f6bdk59gjjefy4j5hepfkcxj45j5d1k2qg67fb4xhbqgfby61vg6d74ndx8kdh32h8gz6thb9keb0g2r5skjxpjksq76nbqq0mw66npbaq3t3fqnt218vckzeaxcpmtpgsgqxw7f92h0dtqa56t21ctyypqvqah9rfm0p77q8vsgrsk9a8ft0p1qrx6td3nt37tza8g2j20107cb5y252h3vnneryr9jph763avpejqhr1c1hb01g2cqzhg3f998kxv3yj4kh5jtcfvz3rb9mghx2859x&b=YNU5KAAKnRgIu-FPAAPCuIfxD3YLjSXO-OZqbQ
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/issosales/hrefly.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame AE1D
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/ad/dr?ed=1j4deb8cdft3f850rys4f67z7dd3fr97emdq1k1rg77fsqf2yv6qj2gse2e1rdt4js1daz0k8kwp52gdxbp7babrkzn6jjy6n230tmb70e233kjdpnaa076yt13xh20gm0ce2rbm6ch9fgzrvfat1d2f3cb14vpkkgs9asbq2wtxfvjn2y8kmwqtkqq5vdzw622zvw2chyk42g6gz5wp1b9rgcdg9h4d27ba7mynmw11qgancp3xqvpk5mcmz28h0cm9ej7hdy51r5fxc1pa8j99a9rysrg7kecsdynard6g4gmk4ph21hv1gyqpxq7azdfb465g7462hh7meayb9jebgnsgfk638h5vzswdnr1rjwz4kxfn6ntkqqz28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%26client%3Dca-pub-8439024877331049%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aebbc030b7fd6ebb20c85391683a71382b5097991dc33d286a772f3bb1e2751
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1j4deb8cdft3f850rys4f67z7dd3fr97emdq1k1rg77fsqf2yv6qj2gse2e1rdt4js1daz0k8kwp52gdxbp7babrkzn6jjy6n230tmb70e233kjdpnaa076yt13xh20gm0ce2rbm6ch9fgzrvfat1d2f3cb14vpkkgs9asbq2wtxfvjn2y8kmwqtkqq5vdzw622zvw2chyk42g6gz5wp1b9rgcdg9h4d27ba7mynmw11qgancp3xqvpk5mcmz28h0cm9ej7hdy51r5fxc1pa8j99a9rysrg7kecsdynard6g4gmk4ph21hv1gyqpxq7azdfb465g7462hh7meayb9jebgnsgfk638h5vzswdnr1rjwz4kxfn6ntkqqz28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%26client%3Dca-pub-8439024877331049%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0ae280611800004ed3adb0e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664a9ce1ce834ed3-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame 1E9D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 01:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2038
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 01:28:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C225
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 24 Jun 2021 08:59:18 GMT
expires
Fri, 25 Jun 2021 08:59:18 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
61379
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E9D
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469964731542"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
expires
Fri, 25 Jun 2021 02:02:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame 1E9D
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 01:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
server
cafe
etag
5108850372203985220
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 01:56:07 GMT
l
www.google.com/ads/measurement/ Frame 1E9D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQLWHC7VHE53u3NVakky5swSXIheLRGBa6cYaa427IDsR-X5idNelnWaSqwOCPB1vlZAnZPqixFlzVkKRRWZ_aWuMiafA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

adview
googleads.g.doubleclick.net/pagead/ Frame 49AF
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgD5jKDnVYKDFK-_K7_UPpeyxmAjHtP-4Y-CYqumeCtvZHhABIMzT7IIBYJUCoAHb553yAsgBCakCK0TGGfQEtD6oAwHIA8sEqgTGAU_Q10GEjr-aIdstZGmzPoNh0tZeRovLosKzr0ecRvLfjfnIuEEaTVT4GlcRxsciHMa2BCL9Ja287lda0MA3V15Kgstpm51Mv7DG7Qaq_GqOHne1yseXhlAQ85_eUtt03vt9ehrmz9spBiuDE19_XNiDIkrwf0_Z5EfTBiH-NsYD4gJ2EiCqjEMt_OGb9HS8KWiUhWjUgGnuNFuNUX0FfG6528eQ6NqVhkUVC6G3_wDCrpyD-ybYeS5_4PqCTZcZxbQ3-46ODsAEpKraqvgBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB42Y4o0BqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIn3BtIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwyIFBbQFQGAFwGyFxoKGAgAEhRwdWItODQzOTAyNDg3NzMzMTA0OQ&sigh=smSTnEKyffk&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 25 Jun 2021 02:02:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/13436275602189823217/ Frame 49AF
19 KB
19 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13436275602189823217/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55f25cca5e1949d661fef811d8172b33e11683384fba8a52daee739e13d253f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 11:02:41 GMT
x-content-type-options
nosniff
age
140376
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19044
x-xss-protection
0
last-modified
Fri, 23 Oct 2020 09:20:31 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 11:02:41 GMT
truncated
/ Frame 49AF
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6F26
1 KB
864 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 24 Jun 2021 08:59:18 GMT
expires
Fri, 25 Jun 2021 08:59:18 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
61379
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 49AF
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aae8046ff00844fcefbdf463127c144381d2b6f664b8b2a2029e3c1c750e0fa2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8586
3 KB
4 KB
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1344155
x-guploader-uploadid
ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3262
cf-request-id
0ae28061fb00000eab97970000000001
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k04p3LpIHQbzWfDjVWoqMYYOhafLyO6C6Jl9ylHEvLqjvRGN%2F6fdWPqe0LAVEMjSoop0%2BhL%2F3wVb32ipE0m7UxBmPheEd8BtXG1Z0IkD%2B9eZHlzPEhs1SsDozXCVSG%2FAKOzaAva%2FH77o5kF17VM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
664a9ce32cdd0eab-FRA
expires
Thu, 09 Jun 2022 12:39:42 GMT
truncated
/ Frame 1E9D
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75218e18ad16a7a767fd01e50489f114e7433555172f6207430670f054863944

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame C33F
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cpi49KDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS2AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQOIQ3EvPzVeZYJyCvdyhZedIIgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItODQzOTAyNDg3NzMzMTA0OQ&sigh=6UbMF9Vjzu8
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/issosales/hrefly.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 25 Jun 2021 02:02:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 25 Jun 2021 02:02:17 GMT
winResponse
prod-rtb.ad4mat.net/ Frame C33F
0
0
Fetch
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1h5bqgv0qw7daaeh9wm1c0mfb9z8gpsc7wr1yyrkdkefvzbyg8cry8ss8v7htscnwbtz36e2fz9w0yp5aaycy42n202x31m3ayctk253byts4xaxt5pfyrj8vf2qbs96eqr5qrs5etnp6yw1p2a7xmvd8knb8xe4v1qe9enz7fp3qbekqmf0tcpj1zv9dr7q89kamd0kq92jgbvpbp9wbscyxxmgqzn53wmh55bj9e56ghhnrsg5zjs14dhn3tpx7b7c6v5fx7cgsaj452xyn8dg1s55yy91918y63geehr4kk9df8dj05kygph3pfg3d7858crbz5xw2pa7787g3m2my3haaqxcwg1txm0qbg0p5hbaawxvn3f2revptaa4yjqsee5w&b=YNU5KAAK0bMK5VxqAAmCC4XZ1nuCEW45yzy8kg
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/issosales/hrefly.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame 596E
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/ad/dr?ed=1jqjdqm14zkkem7m07c084kvk3bphhzqy4qthmnfn5w8v1fedcya0308jzchceh0s82vs9h19fzkxbrkbkyvjr5wch34af0r98d1hjn466fxcjbccg278215gbkdc0td1wf368793n72vmt6f7ny8czdy0enpgfxt5b86dh4msecwcndrddf0vpc7kxk3m2w39kk104q957wxy8p0hey94yyeap1zy9zebchqpapv019b6d3djtcjf70zgj3c0vkhwnqje8e6wdztbxvf21zygtmv6tz7nb3ptfd72zf8nmwfkss4ne1v2x99b57cxnzctx08cgccervnwpv96jqnd9p23j06z44e8zfr0mckcybwb5h2fgr7a82a4yy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%26client%3Dca-pub-8439024877331049%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beb629fa016bab599c7790beafda967e627eef5402f7d8f74ec334900b2aaaa8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1jqjdqm14zkkem7m07c084kvk3bphhzqy4qthmnfn5w8v1fedcya0308jzchceh0s82vs9h19fzkxbrkbkyvjr5wch34af0r98d1hjn466fxcjbccg278215gbkdc0td1wf368793n72vmt6f7ny8czdy0enpgfxt5b86dh4msecwcndrddf0vpc7kxk3m2w39kk104q957wxy8p0hey94yyeap1zy9zebchqpapv019b6d3djtcjf70zgj3c0vkhwnqje8e6wdztbxvf21zygtmv6tz7nb3ptfd72zf8nmwfkss4ne1v2x99b57cxnzctx08cgccervnwpv96jqnd9p23j06z44e8zfr0mckcybwb5h2fgr7a82a4yy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%26client%3Dca-pub-8439024877331049%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0ae280621100004e79362cf000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664a9ce34ff34e79-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame C33F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 01:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2038
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 01:28:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B824
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 24 Jun 2021 08:59:18 GMT
expires
Fri, 25 Jun 2021 08:59:18 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
61379
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C33F
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469964731542"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
expires
Fri, 25 Jun 2021 02:02:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame C33F
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 01:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
server
cafe
etag
5108850372203985220
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 01:56:07 GMT
l
www.google.com/ads/measurement/ Frame C33F
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSihfmB8B35JLmyiXYfBdkPVIVqsarCmI5gcMbMOzNY-DPSMnoRt5ztmBgPDVIZ7cDNz_pztJe0UYkEzPJcCHvjs_vumQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 49AF
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 23:21:38 GMT
x-content-type-options
nosniff
age
96039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 23:21:38 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 49AF
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 16:47:53 GMT
x-content-type-options
nosniff
age
206064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:47:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 49AF
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 22:24:55 GMT
x-content-type-options
nosniff
age
185842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 22:24:55 GMT
frame.html
ad4m.at/ Frame 3EC0
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1g5sxvahccwpm8q4e0abnt88t3x7jv29sehtfhvy0ctbgbmh4ehrj14ndd3z6hy8qasqfmfyxw1yk646mn54b67wqez0k1bqa9s41chk8cgqm957p69499672zqtkdk1t9xsznznt7k43jeh77mec7f2168cz89aych115et8pjnj8yjbf6wh641h44zwj0an0q8sqfzbw54je2qm7hcjfx2g432xj3wdvw432j49jynfbc1tec94md59fwb1jny75nrskdw3q9e9mgrdc30g1v5r9rvaamn0n2c5064kffztvs12k8npzpx28408trpm7kva46033qkg4gpz5z839t42wvwhcap28q6qwrz9es0hgqcwv8ffz9efrv3j&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%26client%3Dca-pub-8439024877331049%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1g5sxvahccwpm8q4e0abnt88t3x7jv29sehtfhvy0ctbgbmh4ehrj14ndd3z6hy8qasqfmfyxw1yk646mn54b67wqez0k1bqa9s41chk8cgqm957p69499672zqtkdk1t9xsznznt7k43jeh77mec7f2168cz89aych115et8pjnj8yjbf6wh641h44zwj0an0q8sqfzbw54je2qm7hcjfx2g432xj3wdvw432j49jynfbc1tec94md59fwb1jny75nrskdw3q9e9mgrdc30g1v5r9rvaamn0n2c5064kffztvs12k8npzpx28408trpm7kva46033qkg4gpz5z839t42wvwhcap28q6qwrz9es0hgqcwv8ffz9efrv3j&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%26client%3Dca-pub-8439024877331049%26adurl%3D

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Fri, 25 Jun 2021 03:02:17 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
104780
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0ae280622800004ed30d835000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=X0GwLM2KqUYz9Lx052UbNVpl%2BTca228ECtw0I2us8aG5s9%2BRmlFTEyIv9dokCn5koGWZzuW0navGQ%2F9QBNi2UyMXAdA3%2Fvph8stSWuejRNpx2TNDcLQGGqyHXDD%2BZ7Ey"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
664a9ce378db4ed3-FRA
content-encoding
br
css
fonts.googleapis.com/ Frame 99CC
6 KB
765 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 01:42:25 GMT
server
ESF
date
Fri, 25 Jun 2021 02:02:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Jun 2021 02:02:17 GMT
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame AE1D
58 KB
59 KB
Stylesheet
General
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j4deb8cdft3f850rys4f67z7dd3fr97emdq1k1rg77fsqf2yv6qj2gse2e1rdt4js1daz0k8kwp52gdxbp7babrkzn6jjy6n230tmb70e233kjdpnaa076yt13xh20gm0ce2rbm6ch9fgzrvfat1d2f3cb14vpkkgs9asbq2wtxfvjn2y8kmwqtkqq5vdzw622zvw2chyk42g6gz5wp1b9rgcdg9h4d27ba7mynmw11qgancp3xqvpk5mcmz28h0cm9ej7hdy51r5fxc1pa8j99a9rysrg7kecsdynard6g4gmk4ph21hv1gyqpxq7azdfb465g7462hh7meayb9jebgnsgfk638h5vzswdnr1rjwz4kxfn6ntkqqz28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1j4deb8cdft3f850rys4f67z7dd3fr97emdq1k1rg77fsqf2yv6qj2gse2e1rdt4js1daz0k8kwp52gdxbp7babrkzn6jjy6n230tmb70e233kjdpnaa076yt13xh20gm0ce2rbm6ch9fgzrvfat1d2f3cb14vpkkgs9asbq2wtxfvjn2y8kmwqtkqq5vdzw622zvw2chyk42g6gz5wp1b9rgcdg9h4d27ba7mynmw11qgancp3xqvpk5mcmz28h0cm9ej7hdy51r5fxc1pa8j99a9rysrg7kecsdynard6g4gmk4ph21hv1gyqpxq7azdfb465g7462hh7meayb9jebgnsgfk638h5vzswdnr1rjwz4kxfn6ntkqqz28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8139790
cf-polished
origSize=59196
x-guploader-uploadid
ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
58969
cf-request-id
0ae280624400004ed308380000000001
last-modified
Tue, 16 Mar 2021 10:53:32 GMT
server
cloudflare
etag
"44274c587ed8382583221bb023d51c5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZGOXN1PxEYawnvuv75fA91Um9PAndwFCq2ET5Csi7tFHPGG2g8J%2FhE9yiaonWEIskLZ4N%2BdBOCsanV2Qxu2CH0bDGHIFPRNGKBfm2kK5I9wjRG2NdbnujOv8K99YuwoR"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615892011975494
content-type
text/css
expires
Tue, 22 Mar 2022 20:59:07 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
664a9ce399034ed3-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame AE1D
36 KB
12 KB
Script
General
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j4deb8cdft3f850rys4f67z7dd3fr97emdq1k1rg77fsqf2yv6qj2gse2e1rdt4js1daz0k8kwp52gdxbp7babrkzn6jjy6n230tmb70e233kjdpnaa076yt13xh20gm0ce2rbm6ch9fgzrvfat1d2f3cb14vpkkgs9asbq2wtxfvjn2y8kmwqtkqq5vdzw622zvw2chyk42g6gz5wp1b9rgcdg9h4d27ba7mynmw11qgancp3xqvpk5mcmz28h0cm9ej7hdy51r5fxc1pa8j99a9rysrg7kecsdynard6g4gmk4ph21hv1gyqpxq7azdfb465g7462hh7meayb9jebgnsgfk638h5vzswdnr1rjwz4kxfn6ntkqqz28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e

Request headers

Referer
https://ad4m.at/ad/dr?ed=1j4deb8cdft3f850rys4f67z7dd3fr97emdq1k1rg77fsqf2yv6qj2gse2e1rdt4js1daz0k8kwp52gdxbp7babrkzn6jjy6n230tmb70e233kjdpnaa076yt13xh20gm0ce2rbm6ch9fgzrvfat1d2f3cb14vpkkgs9asbq2wtxfvjn2y8kmwqtkqq5vdzw622zvw2chyk42g6gz5wp1b9rgcdg9h4d27ba7mynmw11qgancp3xqvpk5mcmz28h0cm9ej7hdy51r5fxc1pa8j99a9rysrg7kecsdynard6g4gmk4ph21hv1gyqpxq7azdfb465g7462hh7meayb9jebgnsgfk638h5vzswdnr1rjwz4kxfn6ntkqqz28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA==
date
Fri, 25 Jun 2021 02:02:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
49999
x-guploader-uploadid
ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae280624400004ed3af866000000001
last-modified
Mon, 14 Jun 2021 12:08:33 GMT
server
cloudflare
etag
W/"ff92efa079e8c446e6e02ffafd7c9154"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=U7IaoCPw53FX6ClX3XZYuJPwUWXK3ZL%2BSJZosL9gZhmSp3Cde%2FqvPWH4czx5t7LrmaNM8ombivOrwlSrnmfOy8nZxfmiLs7sR8Qpx%2ForMnS1%2F%2FoTMUYbTMZniQ8pgYP5"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623672513020985
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11953
cf-ray
664a9ce399044ed3-FRA
expires
Thu, 24 Jun 2021 12:08:58 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 99CC
1 KB
909 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 23:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jul 2021 23:50:23 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/ Frame 99CC
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 00:43:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7073
x-xss-protection
0
server
cafe
etag
4951781748486473094
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 00:43:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 99CC
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 00:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 00:36:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 99CC
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469964731542"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
expires
Fri, 25 Jun 2021 02:02:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 99CC
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 01:55:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
server
cafe
etag
5108850372203985220
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 01:55:33 GMT
5be26e13f65761684aaaff0594247b1f.js
www.gstatic.com/mysidia/ Frame 99CC
25 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/5be26e13f65761684aaaff0594247b1f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 13:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10687
x-xss-protection
0
last-modified
Thu, 17 Jun 2021 06:31:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 Sep 2021 13:49:51 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 99CC
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3QcVKDnVYLzzKoOJ7_UPiu2msAf54NuwY5j8xt24De-RyseVDhABIMzT7IIBYJUCoAHin5u2AcgBCakCK0TGGfQEtD6oAwHIA8sEqgTIAU_QGjWeDfzl60X92cLZAiC522j3RMwJWtlJlhPmJnas_PiWjAet_GpUmTG_bWpcH-rBmLsC_yWkrISWZivZQ7_fVxXCqQL6QHEH16UJzsovYvANAN3ZihJRAFRsROtxTJBXPw-CjxKJvGk0YjTZtYY7nC3t8oqOVLnQ_5tk_cUpqpfIQTMKku-3hNBTP00gE2oOgIPHK9WxaKurfb70o6oBdS7xmhOMPHGYcu2UofKxCzcJmBZDmyhE-fs8GVITUoMj6cXzm8gGwAT6rIL1yQOSBQQIBBgBkgUECAUYBKAGLoAHhuDkyQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQs6wB0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBgBcBshcaChgIABIUcHViLTg0MzkwMjQ4NzczMzEwNDk&sigh=z8kPpBRsnxY&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 25 Jun 2021 02:02:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/6655779719968263456/ Frame 99CC
22 KB
22 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6655779719968263456/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5754eb7a631df7300a4add38762438f59bcf8ac0610aa115a88426eb76f40854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 12:31:46 GMT
x-content-type-options
nosniff
age
135031
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22234
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 16:30:58 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 12:31:46 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4457703124210140682/ Frame 99CC
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4457703124210140682/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f25aa966d01136d409d218085ada8afcc4ec79b216c9d8d231171a2e22a9cffc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 06:52:27 GMT
x-content-type-options
nosniff
age
155390
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3605
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 16:30:58 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 06:52:27 GMT
truncated
/ Frame 99CC
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
dpixel
cms.quantserve.com/ Frame C225
35 B
462 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJlXH8wSv7wrN2TebB6Csqc&google_cver=1&google_push=AYg5qPIjYFZMV1D0OMJyoEgqFLQ97VRO3RXF8YZo-q5KnBWL77M3WulpgP-jlwALSq433RGyENj-o5nYRDh06Exy7KZDK-3Jnfg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C225
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKlBrW794cX36TcQ5WB0tac&google_cver=1&google_push=AYg5qPIY0w_p4Lplt58y3px6D_vPCjxJj0hxYXANuFFja1_cyTYrfPubKGtctKr3RHpXsvpyjhlZj4gtVoUan-V3Qg6Lhs150ww
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIY0w_p4Lplt58y3px6D_vPCjxJj0hxYXANuFFja1_cyTYrfPubKGtctKr3RHpXsvpyjhlZj4gtVoUan-V3Qg6Lhs150ww&google_hm=Q0FFU0VLbEJyVzc5NGNYMz...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIY0w_p4Lplt58y3px6D_vPCjxJj0hxYXANuFFja1_cyTYrfPubKGtctKr3RHpXsvpyjhlZj4gtVoUan-V3Qg6Lhs150ww&google_hm=Q0FFU0VLbEJyVzc5NGNYMzZUY1E1V0IwdGFj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:17 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIY0w_p4Lplt58y3px6D_vPCjxJj0hxYXANuFFja1_cyTYrfPubKGtctKr3RHpXsvpyjhlZj4gtVoUan-V3Qg6Lhs150ww&google_hm=Q0FFU0VLbEJyVzc5NGNYMzZUY1E1V0IwdGFj
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C225
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLPyVTfMHcVlwaB1t7Q7fWi9jBhnAdYnlG5xTbY4bVouvbCmr3LY7UkBXd2UgZMqxbu_SJnURhlgZP8PP8CToiMnUAEP6-g&google_gid=CAESEF5y9O558r7RSPPe8PpOCK8&goo...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKny1IYGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMUHlWVGZNSGNWbHdhQjF0N1E3ZldpOWpCaG5BZFlubEc1eFRiWTRiVm91dmJDbXIzTFk3VWtCWGQyVWdaTXF4YnVfU0puVVJobGdaUDhQUD...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTUU3czJXQUJLeTdPZGRVTEN5WThBWDVaVFhnTHB2WnFTam5xTlhiQi1UOA==&google_push
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTUU3czJXQUJLeTdPZGRVTEN5WThBWDVaVFhnTHB2WnFTam5xTlhiQi1UOA==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTUU3czJXQUJLeTdPZGRVTEN5WThBWDVaVFhnTHB2WnFTam5xTlhiQi1UOA==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame C225
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIMkcZG...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIMkcZG...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MjUwMjAyMTc4MjkyOTUwODQyODYwMg%3D%3D&google_push=AYg5qPIMkcZGOeJTCs3g-4HBWu3lKNa4BJfCmssymwMqO8AY1ZzlaRWQkh4MNHi_J54FnE...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MjUwMjAyMTc4MjkyOTUwODQyODYwMg%3D%3D&google_push=AYg5qPIMkcZGOeJTCs3g-4HBWu3lKNa4BJfCmssymwMqO8AY1ZzlaRWQkh4MNHi_J54FnEpJN4seHdJbVqELbYDB_JEYcOf0EW2D
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MjUwMjAyMTc4MjkyOTUwODQyODYwMg%3D%3D&google_push=AYg5qPIMkcZGOeJTCs3g-4HBWu3lKNa4BJfCmssymwMqO8AY1ZzlaRWQkh4MNHi_J54FnEpJN4seHdJbVqELbYDB_JEYcOf0EW2D
pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Fri, 25 Jun 2021 02:02:17 GMT
pixel
cm.g.doubleclick.net/ Frame C225
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEO7QViUTA8JH93AUWW51GHI&google_cver=1&google_push=AYg5qPIsVdItkaP2lBxigXZnOo4WgWaR5K36GKfX5Fc5myeDzgXUTIAqTf46OlXBmqmjbtmcUT0myyH29a2VLCx1wz5x3MqnsARb
  • https://rtb.openx.net/sync/dds?google_gid=CAESEO7QViUTA8JH93AUWW51GHI&google_cver=1&google_push=AYg5qPIsVdItkaP2lBxigXZnOo4WgWaR5K36GKfX5Fc5myeDzgXUTIAqTf46OlXBmqmjbtmcUT0myyH29a2VLCx1wz5x3MqnsARb&...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIsVdItkaP2lBxigXZnOo4WgWaR5K36GKfX5Fc5myeDzgXUTIAqTf46OlXBmqmjbtmcUT0myyH29a2VLCx1wz5x3MqnsARb&google_hm=Kiwzpt_YzgQ0DC_2CvBG-g==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIsVdItkaP2lBxigXZnOo4WgWaR5K36GKfX5Fc5myeDzgXUTIAqTf46OlXBmqmjbtmcUT0myyH29a2VLCx1wz5x3MqnsARb&google_hm=Kiwzpt_YzgQ0DC_2CvBG-g==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIsVdItkaP2lBxigXZnOo4WgWaR5K36GKfX5Fc5myeDzgXUTIAqTf46OlXBmqmjbtmcUT0myyH29a2VLCx1wz5x3MqnsARb&google_hm=Kiwzpt_YzgQ0DC_2CvBG-g==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
tf7l99mie1uf6t36fac981n9oq8mspbc
pixel
cm.g.doubleclick.net/ Frame C225
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YO...
0
0

trk
ag.innovid.com/ Frame C225
43 B
295 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIs2ypo0EYczyT3RvfGU6ko&google_cver=1&google_push=AYg5qPLjndHAYKxxG3Diq2e13e5GYYkEvtkhxu9YGXMNiOoq11qdj_BCXezz61CxOJjfYsv8bz0WogjM_PtqY849Ga0-6m_M3F01
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:d5a3:82d4:c5d1:6c2f London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame C225
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KUPetDUwS5HvQDM4k-iKIWxrKwlBS-J7Wm2L_ocCtkTCmyJIHVPPES17n5U4NCBK0l583b
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178&nras=2&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=p1qRt3az8s&p=https%3A//all-news.co&dtd=30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame C33F
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
800ced4a3950b2d3cc18b23fe46226319aeb5989ba4b7c95abe854145cd88722

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2190
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 24 Jun 2021 08:59:18 GMT
expires
Fri, 25 Jun 2021 08:59:18 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
61379
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame 596E
58 KB
59 KB
Stylesheet
General
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jqjdqm14zkkem7m07c084kvk3bphhzqy4qthmnfn5w8v1fedcya0308jzchceh0s82vs9h19fzkxbrkbkyvjr5wch34af0r98d1hjn466fxcjbccg278215gbkdc0td1wf368793n72vmt6f7ny8czdy0enpgfxt5b86dh4msecwcndrddf0vpc7kxk3m2w39kk104q957wxy8p0hey94yyeap1zy9zebchqpapv019b6d3djtcjf70zgj3c0vkhwnqje8e6wdztbxvf21zygtmv6tz7nb3ptfd72zf8nmwfkss4ne1v2x99b57cxnzctx08cgccervnwpv96jqnd9p23j06z44e8zfr0mckcybwb5h2fgr7a82a4yy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1jqjdqm14zkkem7m07c084kvk3bphhzqy4qthmnfn5w8v1fedcya0308jzchceh0s82vs9h19fzkxbrkbkyvjr5wch34af0r98d1hjn466fxcjbccg278215gbkdc0td1wf368793n72vmt6f7ny8czdy0enpgfxt5b86dh4msecwcndrddf0vpc7kxk3m2w39kk104q957wxy8p0hey94yyeap1zy9zebchqpapv019b6d3djtcjf70zgj3c0vkhwnqje8e6wdztbxvf21zygtmv6tz7nb3ptfd72zf8nmwfkss4ne1v2x99b57cxnzctx08cgccervnwpv96jqnd9p23j06z44e8zfr0mckcybwb5h2fgr7a82a4yy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8139790
cf-polished
origSize=59196
x-guploader-uploadid
ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
58969
cf-request-id
0ae280629400004ed3ee986000000001
last-modified
Tue, 16 Mar 2021 10:53:32 GMT
server
cloudflare
etag
"44274c587ed8382583221bb023d51c5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=V2Q7tn6oqJso2wkX0mUNc2qbb4FF9vJgwMD8k8%2BOknVBxstD8XaDnkOAbqEsGNfmMWLGR0rTNvAyynbraiLnc8TbupG3%2FofdI7yh1QQ0ugn8EwK34bp8c17vfRCVpcrV"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615892011975494
content-type
text/css
expires
Tue, 22 Mar 2022 20:59:07 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
664a9ce429994ed3-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 596E
36 KB
12 KB
Script
General
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jqjdqm14zkkem7m07c084kvk3bphhzqy4qthmnfn5w8v1fedcya0308jzchceh0s82vs9h19fzkxbrkbkyvjr5wch34af0r98d1hjn466fxcjbccg278215gbkdc0td1wf368793n72vmt6f7ny8czdy0enpgfxt5b86dh4msecwcndrddf0vpc7kxk3m2w39kk104q957wxy8p0hey94yyeap1zy9zebchqpapv019b6d3djtcjf70zgj3c0vkhwnqje8e6wdztbxvf21zygtmv6tz7nb3ptfd72zf8nmwfkss4ne1v2x99b57cxnzctx08cgccervnwpv96jqnd9p23j06z44e8zfr0mckcybwb5h2fgr7a82a4yy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%26client%3Dca-pub-8439024877331049%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e

Request headers

Referer
https://ad4m.at/ad/dr?ed=1jqjdqm14zkkem7m07c084kvk3bphhzqy4qthmnfn5w8v1fedcya0308jzchceh0s82vs9h19fzkxbrkbkyvjr5wch34af0r98d1hjn466fxcjbccg278215gbkdc0td1wf368793n72vmt6f7ny8czdy0enpgfxt5b86dh4msecwcndrddf0vpc7kxk3m2w39kk104q957wxy8p0hey94yyeap1zy9zebchqpapv019b6d3djtcjf70zgj3c0vkhwnqje8e6wdztbxvf21zygtmv6tz7nb3ptfd72zf8nmwfkss4ne1v2x99b57cxnzctx08cgccervnwpv96jqnd9p23j06z44e8zfr0mckcybwb5h2fgr7a82a4yy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA==
date
Fri, 25 Jun 2021 02:02:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
49999
x-guploader-uploadid
ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae280629400004ed3a7a06000000001
last-modified
Mon, 14 Jun 2021 12:08:33 GMT
server
cloudflare
etag
W/"ff92efa079e8c446e6e02ffafd7c9154"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C8N%2F18Hi%2BFwu1z%2BmQBbeja1j6n16VX8S70A7ujP6pZFzG%2F3tZeNI%2BnH1n2i9LkECYVZ9K2PDWOyeQ6EVmGHBH4pdYYKz7%2BxBgwkHaR4mJCHkOqH2Hu%2Fy9Bs1iEBp96mo"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623672513020985
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11953
cf-ray
664a9ce4299b4ed3-FRA
expires
Thu, 24 Jun 2021 12:08:58 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame AE1D
3 KB
4 KB
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1344155
x-guploader-uploadid
ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3262
cf-request-id
0ae28062ab00002c424eb83000000001
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=flpujQE8dPq7ipAqRhh%2Fp899L7D0LRChgLI5DYUWDJ2yFP92flrhSs45xBQgZxqETE97bd7gb3Z0Ra3kDySUeb1OSgre4rk4nNleSnt6rMBmNjUBaQgfFGy7Q9GZygMuisjJc33NyqfYt1jYEhY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
664a9ce44ea82c42-FRA
expires
Thu, 09 Jun 2022 12:39:42 GMT
pixel
cm.g.doubleclick.net/ Frame 6F26
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPTIh9SBaLE3sAX7GW9FM-w&google_cver=1&google_push=AYg5qPJfkmZfLgnOSGoSN3MsS6mY79nWtcu6D6Fo_xHmlQ9W2wBOQTheBK...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJfkmZfLgnOSGoSN3MsS6mY79nWtcu6D6Fo_xHmlQ9W2wBOQTheBKZdLmZlYP2d4Hj8lX2Wi2BPwkJ44lTSZj3HB2Mc_QbI&google_hm=unTJ1m...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJfkmZfLgnOSGoSN3MsS6mY79nWtcu6D6Fo_xHmlQ9W2wBOQTheBKZdLmZlYP2d4Hj8lX2Wi2BPwkJ44lTSZj3HB2Mc_QbI&google_hm=unTJ1mSYa0RNMrOdtZTSQQ
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJfkmZfLgnOSGoSN3MsS6mY79nWtcu6D6Fo_xHmlQ9W2wBOQTheBKZdLmZlYP2d4Hj8lX2Wi2BPwkJ44lTSZj3HB2Mc_QbI&google_hm=unTJ1mSYa0RNMrOdtZTSQQ
pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6F26
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENEmX_StsJ9-vZj3mUqASBw&google_cver=1&google_push=AYg5qPJogVwaPTlvMJhzwM3iHRR0VIJIQfk6xFkISHiUq39X-NiaXQ5uPmJu8RUcbH2Z7P3rVPGyPiXFCJ9wLcVDrNXjv7nLlTQ
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJogVwaPTlvMJhzwM3iHRR0VIJIQfk6xFkISHiUq39X-NiaXQ5uPmJu8RUcbH2Z7P3rVPGyPiXFCJ9wLcVDrNXjv7nLlTQ&google_hm=Q0FFU0VORW1YX1N0c0o5LX...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJogVwaPTlvMJhzwM3iHRR0VIJIQfk6xFkISHiUq39X-NiaXQ5uPmJu8RUcbH2Z7P3rVPGyPiXFCJ9wLcVDrNXjv7nLlTQ&google_hm=Q0FFU0VORW1YX1N0c0o5LXZaajNtVXFBU0J3
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:17 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJogVwaPTlvMJhzwM3iHRR0VIJIQfk6xFkISHiUq39X-NiaXQ5uPmJu8RUcbH2Z7P3rVPGyPiXFCJ9wLcVDrNXjv7nLlTQ&google_hm=Q0FFU0VORW1YX1N0c0o5LXZaajNtVXFBU0J3
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 6F26
43 B
324 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEM9eu9ukaASlTiO7iOtM2y4&google_push=AYg5qPLj0ByLGp7kDGOFU9ygvuwmaSXRekHp_0nZ2TWp_mSdIURqhWcBCRpYNVeKlTbbs6tm1XAEyP8_xED0DdLJ2YuiW-tGOdXN&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6F26
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJax2u64U7tT_HOgQirePhQ&google_cver=1&google_push=AYg5qPLBaxg88X826f84SaMbG0f5i1qNlxwYulJZwl4IYcBvf8HsUYm8HDdlxZzXb9kKDJKTQ27OwqZvplZjrwz1SHvRWVJ_QaeY
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLBaxg88X826f84SaMbG0f5i1qNlxwYulJZwl4IYcBvf8HsUYm8HDdlxZzXb9kKDJKTQ27OwqZvplZjrwz1SHvRWVJ_QaeY&google_hm=Kiwzpt_YzgQ0DC_2CvBG-g==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLBaxg88X826f84SaMbG0f5i1qNlxwYulJZwl4IYcBvf8HsUYm8HDdlxZzXb9kKDJKTQ27OwqZvplZjrwz1SHvRWVJ_QaeY&google_hm=Kiwzpt_YzgQ0DC_2CvBG-g==
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:16 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLBaxg88X826f84SaMbG0f5i1qNlxwYulJZwl4IYcBvf8HsUYm8HDdlxZzXb9kKDJKTQ27OwqZvplZjrwz1SHvRWVJ_QaeY&google_hm=Kiwzpt_YzgQ0DC_2CvBG-g==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
0n96jkpis6hd1cm8mk15ioo10il7ecq5
pixel
cm.g.doubleclick.net/ Frame 6F26
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4FqU4oRDT6SPtNrGJ56Wrw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4FqU4oRDT6SPtNrGJ56Wrw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK_oR-XQT3fEPECa__Yc8d0fn3lTcOE2gAvkp9FNlPTkR1J0RhNmqJcZZz_9AOtJzY1WAI7-bunjGoMokEMAbhMbWoMKUzk
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4FqU4oRDT6SPtNrGJ56Wrw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK_oR-XQT3fEPECa__Yc8d0fn3lTcOE2gAvkp9FNlPTkR1J0RhNmqJcZZz_9AOtJzY1WAI7-bunjGoMokEMAbhMbWoMKUzk
date
Fri, 25 Jun 2021 02:02:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6F26
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECnaQokrojocyCDlHxt8awI&google_cver=1&google_push=AYg5qPIy2Dqdm66GoP99zQuiNuJlvdzp8WCEQXqp0MC-vhaofNerjfXCjaKzri07riRoAIJz9r9...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZOM0otRS0xWldR&google_push=AYg5qPIy2Dqdm66GoP99zQuiNuJlvdzp8WCEQXqp0MC-vhaofNerjfXCjaKzri07riRoAIJz9r9E3qcq4uKUESgQChv7xitK9Qed
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZOM0otRS0xWldR&google_push=AYg5qPIy2Dqdm66GoP99zQuiNuJlvdzp8WCEQXqp0MC-vhaofNerjfXCjaKzri07riRoAIJz9r9E3qcq4uKUESgQChv7xitK9Qed
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZOM0otRS0xWldR&google_push=AYg5qPIy2Dqdm66GoP99zQuiNuJlvdzp8WCEQXqp0MC-vhaofNerjfXCjaKzri07riRoAIJz9r9E3qcq4uKUESgQChv7xitK9Qed
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6F26
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUr...
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 6F26
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbOGqNyIMCKJmRtVCLKesBoJq8v474WQghF-l3IOgDHx1y39cF9M7-x0E10MK0NEOAzZZC
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 99CC
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e31bb0c654968cfe0fb956a9d6dcf770846ce378c9ba298bbe6b5f07f8ae17b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 99CC
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 16:47:53 GMT
x-content-type-options
nosniff
age
206064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:47:53 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 99CC
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 02:11:10 GMT
x-content-type-options
nosniff
age
85867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jun 2022 02:11:10 GMT
frame.html
ad4m.at/ Frame DCC9
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1j4deb8cdft3f850rys4f67z7dd3fr97emdq1k1rg77fsqf2yv6qj2gse2e1rdt4js1daz0k8kwp52gdxbp7babrkzn6jjy6n230tmb70e233kjdpnaa076yt13xh20gm0ce2rbm6ch9fgzrvfat1d2f3cb14vpkkgs9asbq2wtxfvjn2y8kmwqtkqq5vdzw622zvw2chyk42g6gz5wp1b9rgcdg9h4d27ba7mynmw11qgancp3xqvpk5mcmz28h0cm9ej7hdy51r5fxc1pa8j99a9rysrg7kecsdynard6g4gmk4ph21hv1gyqpxq7azdfb465g7462hh7meayb9jebgnsgfk638h5vzswdnr1rjwz4kxfn6ntkqqz28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%26client%3Dca-pub-8439024877331049%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1j4deb8cdft3f850rys4f67z7dd3fr97emdq1k1rg77fsqf2yv6qj2gse2e1rdt4js1daz0k8kwp52gdxbp7babrkzn6jjy6n230tmb70e233kjdpnaa076yt13xh20gm0ce2rbm6ch9fgzrvfat1d2f3cb14vpkkgs9asbq2wtxfvjn2y8kmwqtkqq5vdzw622zvw2chyk42g6gz5wp1b9rgcdg9h4d27ba7mynmw11qgancp3xqvpk5mcmz28h0cm9ej7hdy51r5fxc1pa8j99a9rysrg7kecsdynard6g4gmk4ph21hv1gyqpxq7azdfb465g7462hh7meayb9jebgnsgfk638h5vzswdnr1rjwz4kxfn6ntkqqz28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%26client%3Dca-pub-8439024877331049%26adurl%3D

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Fri, 25 Jun 2021 03:02:17 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
104780
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0ae28062d300004ed3a6a66000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nl%2Fnree2PvCxhhtfloQtvKrqZXETL62TYESdbRZt1KDLG%2Fubz0up%2FPzyj2RW1xcy8oW5EzqsiWd%2F%2FbqPrBYVBZd4IlnfHy90mH6CFz%2BQlDUYEcrC2z9M9Bi4wmEI0X9c"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
664a9ce48a514ed3-FRA
content-encoding
br
mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
pagead2.googlesyndication.com/bg/ Frame 1EFA
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=940516678&adf=3630565077&pi=t.aa~a.2369760627~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2063&idt=1&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280%2C324x250&nras=6&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=v4HveilMfI&p=https%3A//all-news.co&dtd=47
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 20:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
191988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5744
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jun 2022 20:42:29 GMT
pixel
cm.g.doubleclick.net/ Frame B824
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGjCXocjV7y_5deyWwpqS_k&google_cver=1&google_push=AYg5qPKDrj1BqFHoGaXIWrSrvOUn-Xmc-EzqcDNCk9qCndDUwXAROuggDk...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKDrj1BqFHoGaXIWrSrvOUn-Xmc-EzqcDNCk9qCndDUwXAROuggDkuVUbM6AluaOnjOAKmbvfmDy_f7oKOc9ujuMAE1pn7z&google_hm=unTJ1m...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKDrj1BqFHoGaXIWrSrvOUn-Xmc-EzqcDNCk9qCndDUwXAROuggDkuVUbM6AluaOnjOAKmbvfmDy_f7oKOc9ujuMAE1pn7z&google_hm=unTJ1mSYa0RNMrOdtZTSQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKDrj1BqFHoGaXIWrSrvOUn-Xmc-EzqcDNCk9qCndDUwXAROuggDkuVUbM6AluaOnjOAKmbvfmDy_f7oKOc9ujuMAE1pn7z&google_hm=unTJ1mSYa0RNMrOdtZTSQQ
pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame B824
42 B
317 B
Image
General
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIuXVSp63ax6k2Etnl5YRW-j-j95DTmoB1GxnA16QnRXQ6ynnHoaUYW4PLaOM0rUFof52w1qMG1Q4XFGwyqR8LIR9r93NmPPQ&google_gid=CAESEOIEMEJUDsgwJSZsWvCwvBc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
pixel
cm.g.doubleclick.net/ Frame B824
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLSA4DU...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLSA4DU...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MjUwMjAyMTc4MjkyOTUwODQyODYwMg%3D%3D&google_push=AYg5qPLSA4DU8SCbybvQ_Kfm0Sd-yP9drlN0ZgbKt2N83lCNOTBNmRv4aaCcrYhT6zjUgk...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MjUwMjAyMTc4MjkyOTUwODQyODYwMg%3D%3D&google_push=AYg5qPLSA4DU8SCbybvQ_Kfm0Sd-yP9drlN0ZgbKt2N83lCNOTBNmRv4aaCcrYhT6zjUgkAFLenYWsxorrH_7B6MyLbppC8gs7EldQ
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MjUwMjAyMTc4MjkyOTUwODQyODYwMg%3D%3D&google_push=AYg5qPLSA4DU8SCbybvQ_Kfm0Sd-yP9drlN0ZgbKt2N83lCNOTBNmRv4aaCcrYhT6zjUgkAFLenYWsxorrH_7B6MyLbppC8gs7EldQ
pragma
no-cache
date
Fri, 25 Jun 2021 02:02:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Fri, 25 Jun 2021 02:02:18 GMT
sync
odr.mookie1.com/t/v2/ Frame B824
43 B
106 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEM4rxZnmmKamlFauPJdOLi4&google_push=AYg5qPJRYFPOUgavD9E6CPal5xD7EsuJytCWDZYpfmrzOuhtR89yxOdAbHlFe0-RFETG8cz3Y8JKSoAiHhyVi8ksOzOHJwn18d_h&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B824
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDb8EVPgyly5iWnNG5v1sBE&google_cver=1&google_push=AYg5qPI1RYNh2Glbpw4CO7LyXVzIN0CTVlxm6QFn63YgOyZ-wXT5rXtxnIw1Jix5KdZhZ8di3RDy-UJshh4hsfv3-MVD8e4Alq5UBQ
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI1RYNh2Glbpw4CO7LyXVzIN0CTVlxm6QFn63YgOyZ-wXT5rXtxnIw1Jix5KdZhZ8di3RDy-UJshh4hsfv3-MVD8e4Alq5UBQ&google_hm=Kiwzpt_YzgQ0DC_2CvBG-g==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI1RYNh2Glbpw4CO7LyXVzIN0CTVlxm6QFn63YgOyZ-wXT5rXtxnIw1Jix5KdZhZ8di3RDy-UJshh4hsfv3-MVD8e4Alq5UBQ&google_hm=Kiwzpt_YzgQ0DC_2CvBG-g==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI1RYNh2Glbpw4CO7LyXVzIN0CTVlxm6QFn63YgOyZ-wXT5rXtxnIw1Jix5KdZhZ8di3RDy-UJshh4hsfv3-MVD8e4Alq5UBQ&google_hm=Kiwzpt_YzgQ0DC_2CvBG-g==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
a6j9hcfc4571c0knlhdh1i9poc6012oq
pixel
cm.g.doubleclick.net/ Frame B824
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xJ3Wgj-xQkaHLYA0n1ax5A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xJ3Wgj-xQkaHLYA0n1ax5A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKOF3wh240mWFFhcJ8yIBkSr4Nzb1aIIVi7_hMDEaNyuFY-ZrYqIMnHbh_zhDep8xX1o3C981KsKXWgGll3GCZfT4iB6sP9zA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xJ3Wgj-xQkaHLYA0n1ax5A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKOF3wh240mWFFhcJ8yIBkSr4Nzb1aIIVi7_hMDEaNyuFY-ZrYqIMnHbh_zhDep8xX1o3C981KsKXWgGll3GCZfT4iB6sP9zA
date
Fri, 25 Jun 2021 02:02:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B824
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09t...
0
0

attr
cm.g.doubleclick.net/pixel/ Frame B824
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJvTnGLCdprCrR9JEXDgLE2hlrclGjF_IHLSqgfqYQOsKFqNZtOhWmuzcjI26S7aVAgivG
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=1&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C1200x280&nras=5&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=SG20IKVrSO&p=https%3A//all-news.co&dtd=43
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 596E
3 KB
4 KB
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1344155
x-guploader-uploadid
ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3262
cf-request-id
0ae28062f400002c420a009000000001
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EEkZdOXI1uO%2FrQaOAu1xHPT7OjGEoLkIe45U1nDKHkCmovjVCHLKvqkDuV16fRC8%2Bs%2B7a4MIVSTdPmglIzaQaN42gARwvUL5kPHz%2BIrWW6H%2F6BbdFRD8V9iWOpYChqrMmW0RuzHYoYqB%2F6ag7mI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
664a9ce4bf192c42-FRA
expires
Thu, 09 Jun 2022 12:39:42 GMT
frame.html
ad4m.at/ Frame A673
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1jqjdqm14zkkem7m07c084kvk3bphhzqy4qthmnfn5w8v1fedcya0308jzchceh0s82vs9h19fzkxbrkbkyvjr5wch34af0r98d1hjn466fxcjbccg278215gbkdc0td1wf368793n72vmt6f7ny8czdy0enpgfxt5b86dh4msecwcndrddf0vpc7kxk3m2w39kk104q957wxy8p0hey94yyeap1zy9zebchqpapv019b6d3djtcjf70zgj3c0vkhwnqje8e6wdztbxvf21zygtmv6tz7nb3ptfd72zf8nmwfkss4ne1v2x99b57cxnzctx08cgccervnwpv96jqnd9p23j06z44e8zfr0mckcybwb5h2fgr7a82a4yy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%26client%3Dca-pub-8439024877331049%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1jqjdqm14zkkem7m07c084kvk3bphhzqy4qthmnfn5w8v1fedcya0308jzchceh0s82vs9h19fzkxbrkbkyvjr5wch34af0r98d1hjn466fxcjbccg278215gbkdc0td1wf368793n72vmt6f7ny8czdy0enpgfxt5b86dh4msecwcndrddf0vpc7kxk3m2w39kk104q957wxy8p0hey94yyeap1zy9zebchqpapv019b6d3djtcjf70zgj3c0vkhwnqje8e6wdztbxvf21zygtmv6tz7nb3ptfd72zf8nmwfkss4ne1v2x99b57cxnzctx08cgccervnwpv96jqnd9p23j06z44e8zfr0mckcybwb5h2fgr7a82a4yy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%26client%3Dca-pub-8439024877331049%26adurl%3D

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Fri, 25 Jun 2021 03:02:17 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
104780
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0ae28062fa00004ed3c5818000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fq%2BEwuMIH151V%2FZDQ%2FeJ4GtpeUjv6m01gABy%2Bi3tFZ%2FEPsJJzhsFcSC2rBKKf6pLW9rEEriEZxQ6CUBORonNYCb9AdhiChEY3GxLxepBx69L7KEGNDhWH4AlCAx9ZRKd"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
664a9ce4ca8f4ed3-FRA
content-encoding
br
pixel
cm.g.doubleclick.net/ Frame 2190
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJ7_q3FyW2aMu_eNeaMeBMdHUSAXdheePcFDDd...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5VNUtRQUFBSjFwTmstQQ&google_push=AYg5qPJ7_q3FyW2aMu_eNeaMeBMdHUSAXdheePcFDDduMdRc7qe9zq0sRmvx4CA0EZra9G6sFzLaOgTSaQyCtJSTAyCtCDouPVQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5VNUtRQUFBSjFwTmstQQ&google_push=AYg5qPJ7_q3FyW2aMu_eNeaMeBMdHUSAXdheePcFDDduMdRc7qe9zq0sRmvx4CA0EZra9G6sFzLaOgTSaQyCtJSTAyCtCDouPVQ
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5VNUtRQUFBSjFwTmstQQ&google_push=AYg5qPJ7_q3FyW2aMu_eNeaMeBMdHUSAXdheePcFDDduMdRc7qe9zq0sRmvx4CA0EZra9G6sFzLaOgTSaQyCtJSTAyCtCDouPVQ
Date
Fri, 25 Jun 2021 02:02:17 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 2190
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEMexd5MCgR5rDdFAdTopwlI&google_cver=1&google_push=AYg5qPJjh0ZA4L1AnbSu83n05LbYt2US2ZnY3Ng8fsTGV7Ypx9AoAKTfRIJB2a8e-GsYY2FZHsLrUqhnSO82Fj0-5sj0ctxZpHr6
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJjh0ZA4L1AnbSu83n05LbYt2US2ZnY3Ng8fsTGV7Ypx9AoAKTfRIJB2a8e-GsYY2FZHsLrUqhnSO82Fj0-5sj0ctxZpHr6&google_hm=Q0FFU0VNZXhkNU1DZ1I1c...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJjh0ZA4L1AnbSu83n05LbYt2US2ZnY3Ng8fsTGV7Ypx9AoAKTfRIJB2a8e-GsYY2FZHsLrUqhnSO82Fj0-5sj0ctxZpHr6&google_hm=Q0FFU0VNZXhkNU1DZ1I1ckRkRkFkVG9wd2xJ
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:17 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJjh0ZA4L1AnbSu83n05LbYt2US2ZnY3Ng8fsTGV7Ypx9AoAKTfRIJB2a8e-GsYY2FZHsLrUqhnSO82Fj0-5sj0ctxZpHr6&google_hm=Q0FFU0VNZXhkNU1DZ1I1ckRkRkFkVG9wd2xJ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 2190
42 B
306 B
Image
General
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL1z0SdvTsc5Q5cFrBG5CliQ6vTnvdnzKCI5SV6Ue3bGXWqlJn_oB9IYt9xm4V0soGBnj3HjFEoMbRWZ18bzhdIbs4J7I_Z&google_gid=CAESEAv-m6fCis_NPsU6YX3I5WY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
pixel
cm.g.doubleclick.net/ Frame 2190
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4FqU4oRDT6SPtNrGJ56Wrw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4FqU4oRDT6SPtNrGJ56Wrw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLCboDZapssgetfrCplqTKbGvbYwP1bX_NtIoSy_C-7fOAmGMn1KzA-PaUeHzVv9EYKjaeRwgw0qRqN-wbK7rvJLi6ajV8
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4FqU4oRDT6SPtNrGJ56Wrw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLCboDZapssgetfrCplqTKbGvbYwP1bX_NtIoSy_C-7fOAmGMn1KzA-PaUeHzVv9EYKjaeRwgw0qRqN-wbK7rvJLi6ajV8
date
Fri, 25 Jun 2021 02:02:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2190
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJclXSYyrde-HGwSE3_8H_Q&google_cver=1&google_push=AYg5qPIuinfOoTmXFwP3FcDWlmzqzRZLJOHRVLx7I15NyOTCC9R7R0n8GoeZ6K4pqPA5pxKHOww...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZONzYtWi03V0w5&google_push=AYg5qPIuinfOoTmXFwP3FcDWlmzqzRZLJOHRVLx7I15NyOTCC9R7R0n8GoeZ6K4pqPA5pxKHOwwCvrlxazNc33IaUNVV6fScoE55
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZONzYtWi03V0w5&google_push=AYg5qPIuinfOoTmXFwP3FcDWlmzqzRZLJOHRVLx7I15NyOTCC9R7R0n8GoeZ6K4pqPA5pxKHOwwCvrlxazNc33IaUNVV6fScoE55
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FCT1ZONzYtWi03V0w5&google_push=AYg5qPIuinfOoTmXFwP3FcDWlmzqzRZLJOHRVLx7I15NyOTCC9R7R0n8GoeZ6K4pqPA5pxKHOwwCvrlxazNc33IaUNVV6fScoE55
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2190
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPr...
0
0

pixel
cm.g.doubleclick.net/ Frame 2190
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ37dw6HNUHo3_eXatrcoII&google_cver=1&google_push=AYg5qPIg4YSSJkhFgwLvfRim...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIg4YSSJkhFgwLvfRimSZ7Nt5jWyd4FzfNuVhUfnjxUrC80EZTpEWwFkHok82W-9Mh4u2-XUPPSUXhI8-0R9WCSBVnC3ZZVxQ&google_hm=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIg4YSSJkhFgwLvfRimSZ7Nt5jWyd4FzfNuVhUfnjxUrC80EZTpEWwFkHok82W-9Mh4u2-XUPPSUXhI8-0R9WCSBVnC3ZZVxQ&google_hm=
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:17 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIg4YSSJkhFgwLvfRimSZ7Nt5jWyd4FzfNuVhUfnjxUrC80EZTpEWwFkHok82W-9Mh4u2-XUPPSUXhI8-0R9WCSBVnC3ZZVxQ&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Thu, 24 Jun 2021 02:02:17 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2190
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeTnocCnhMVB8qBBUNDMER-YTkWxA-yENJ4On75hH4AQvzPYLVrBomwpz87D9QSHx5TqG3tw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
pagead2.googlesyndication.com/bg/ Frame 7424
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624586536&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624586536647&bpp=6&bdt=2062&idt=-M&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df78b96b70e68b1a4-226cc1bc0cc900ab%3AT%3D1624586536%3ART%3D1624586536%3AS%3DALNI_MbmhCUygYISe4bKQClqP-40_C6OUw&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=6215114917117&frm=20&pv=1&ga_vid=1340124796.1624586536&ga_sid=1624586536&ga_hid=335480642&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=860049143814468&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4b2je4Tzte&p=https%3A//all-news.co&dtd=36
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 20:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
191988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5744
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jun 2022 20:42:29 GMT
rs
ad4m.at/ Frame 8586
1 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77bdbdb26caab6be5eeb8a5e91273db9d1ea94929bf1ae6b5bab9033d9d41faf

Request headers

Referer
https://ad4m.at/ad/dr?ed=1g5sxvahccwpm8q4e0abnt88t3x7jv29sehtfhvy0ctbgbmh4ehrj14ndd3z6hy8qasqfmfyxw1yk646mn54b67wqez0k1bqa9s41chk8cgqm957p69499672zqtkdk1t9xsznznt7k43jeh77mec7f2168cz89aych115et8pjnj8yjbf6wh641h44zwj0an0q8sqfzbw54je2qm7hcjfx2g432xj3wdvw432j49jynfbc1tec94md59fwb1jny75nrskdw3q9e9mgrdc30g1v5r9rvaamn0n2c5064kffztvs12k8npzpx28408trpm7kva46033qkg4gpz5z839t42wvwhcap28q6qwrz9es0hgqcwv8ffz9efrv3j&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-rvz5
cf-request-id
0ae280634000004ed3e49cc000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HIlIR9zbbMIfy6OVFms87LaQWFFqL6KZa7raIcNKKO%2FFSJD91PefRWv48Atf%2FZfXAuExV%2B8KpOmQ5no7PhjHYqBGlIAAUkuD1EVUZEA6Rge7RZmN2qt%2FWYMEveda5Qsx"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
664a9ce53b214ed3-FRA
rar
as.ad4m.at/ad/ Frame C75B
11 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2acdfd638e38c3f45aa7059762e04d41564ae6c487cf579b5f3ab15c808c377
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0ae280637100004e79fcb5d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664a9ce58a454e79-FRA
content-encoding
br
rs
ad4m.at/ Frame AE1D
1 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2106fcd6d70620c8263e1f3632f4933a103d68c2844a85595b2f1c877464892b

Request headers

Referer
https://ad4m.at/ad/dr?ed=1j4deb8cdft3f850rys4f67z7dd3fr97emdq1k1rg77fsqf2yv6qj2gse2e1rdt4js1daz0k8kwp52gdxbp7babrkzn6jjy6n230tmb70e233kjdpnaa076yt13xh20gm0ce2rbm6ch9fgzrvfat1d2f3cb14vpkkgs9asbq2wtxfvjn2y8kmwqtkqq5vdzw622zvw2chyk42g6gz5wp1b9rgcdg9h4d27ba7mynmw11qgancp3xqvpk5mcmz28h0cm9ej7hdy51r5fxc1pa8j99a9rysrg7kecsdynard6g4gmk4ph21hv1gyqpxq7azdfb465g7462hh7meayb9jebgnsgfk638h5vzswdnr1rjwz4kxfn6ntkqqz28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-rvz5
cf-request-id
0ae280637000004ed3ffa7d000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u9zxxE%2BkX4EiiY8Wy2tGfoQ2BGt4491Pck77dVhgQRSUANDW2vWoyRZOAEHer0j%2BQVrzHBsZw38ittoTkjT1Wt8y8u9lFAMOlh0irFLtu0QETGQWl2FEXggD04T5j8dW"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
664a9ce57b834ed3-FRA
rs
ad4m.at/ Frame 596E
1 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c9f00a5cb6f90d582089eb97328f472d2a77851b25fd82b52b81aa12df83b0a

Request headers

Referer
https://ad4m.at/ad/dr?ed=1jqjdqm14zkkem7m07c084kvk3bphhzqy4qthmnfn5w8v1fedcya0308jzchceh0s82vs9h19fzkxbrkbkyvjr5wch34af0r98d1hjn466fxcjbccg278215gbkdc0td1wf368793n72vmt6f7ny8czdy0enpgfxt5b86dh4msecwcndrddf0vpc7kxk3m2w39kk104q957wxy8p0hey94yyeap1zy9zebchqpapv019b6d3djtcjf70zgj3c0vkhwnqje8e6wdztbxvf21zygtmv6tz7nb3ptfd72zf8nmwfkss4ne1v2x99b57cxnzctx08cgccervnwpv96jqnd9p23j06z44e8zfr0mckcybwb5h2fgr7a82a4yy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%26client%3Dca-pub-8439024877331049%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-rvz5
cf-request-id
0ae280637000004ed3d01c5000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LvUt0owF4Lh5V%2BzzlOQlsAZGrBObL56WsvzJHHwxV5s1K22ZdQjzA%2BdG3UOcy4iT8yo4VeXeVEJ5AO5x8vCUnQVlrw5xcS8rD%2FdQySlN4k0mpW8bNi2tB0ToYUxczo9R"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
664a9ce57b844ed3-FRA
rar
as.ad4m.at/ad/ Frame E0D1
10 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07db5dcc727f143113c6f3a7a5d35fe979ec5ac12de1a37babb580972607f9fb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0ae280638700004ed3d01c6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664a9ce5abb24ed3-FRA
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame C75B
59 KB
7 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
747867
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0ae280638800004ed3b8164000000001
cf-ray
664a9ce5abb44ed3-FRA
expires
Fri, 25 Jun 2021 03:02:17 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame C75B
18 KB
19 KB
Image
General
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
611333
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-UwIkNOUZkyQMq3Kp6tFJ2kUiKOcE_5mAfmbAGX3tfBIHRd_MrOW6vKr5H6_TmE6_b-JyODKsiwvn_37zoc_Y_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
18872
cf-request-id
0ae280638b00004e79e101d000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5sMEyqL0IbXy0%2FDdnKYC3f4u7gAR7SFdIx%2FdqfMo%2BUjqwg56i4JePZ%2FUJRUz447swr0nlkFC9QdLYMCsYDVq9iifHI46AK%2BBQ0I126j4tU%2BkYR6hb%2FTz5RAMQd2QecSy28TZI%2FTepg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
664a9ce5aa6f4e79-FRA
cf-bgj
imgq:85,h2pri
00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
assets.ad4m.at/product_image/ Frame C75B
300 KB
301 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EZXtXA==, md5=mgoAJVijZFI0Dr9oP+Il1A==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
66340
cf-polished
origFmt=png, origSize=594083
x-guploader-uploadid
ABg5-UyTf6FeWBmyeJExuOi7GlY0O5gUODBvMLpe0qCESaQPFqhEaq-71hfFz0E5oJiJooQZU6IhwrvrSpqoVWzBhIw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
307160
cf-request-id
0ae280638b00004e79e49e7000000001
last-modified
Tue, 22 Jun 2021 13:51:23 GMT
server
cloudflare
etag
"9a0a002558a36452340ebf683fe225d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tEJ%2BrRiEziROp10cBN5Fs%2BsjicVAklxarzSZMm0LbjPRxx1Fsejjgy2xXgx3PNGPoolJDbWRgWJhcY%2B6GOum8imiMup0rJUVU7OQvsJGXoAe6%2B1%2BvH06lb7w5kj4kojqMg7uFR2arw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1624369883413081
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
594083
accept-ranges
bytes
cf-ray
664a9ce5aa704e79-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame C75B
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2519575&v=14098&q=379092&r=412871&pv=1&pref3=oneidVx7fwfmfEdghVHbHAtRt8bGU5tzTzQkoneid__asuidGS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5asuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:17 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame C75B
38 KB
39 KB
Image
General
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
612489
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-Uxq7P2nwVSkuZTkSEg7ynfoehxN_jsktc6syvnGz_8ihKUK5uH6rRVPcv4Opl6Z2KhsA8K5hpihRZEBhNQcVvk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39202
cf-request-id
0ae280638c00004e7931349000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6ffTIqiK0zzuPTdNh4UGnXJP%2BCSfA%2B58CYhlzwiVXhaI1CGmV5HdO3LmU9SXgtExRVIkviVoUq5lHGG36j7guFbVb%2F6IWOetBuxIYluEnsFq6%2B82BapLwiRSy%2FZUbYkE63YFdxa7Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
664a9ce5aa714e79-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame C75B
113 KB
113 KB
Image
General
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
610353
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UwbIUGsRq83JM36JprxOgsBD6lKh1nY2l3BnWQZ8mWh2LUudq9jHuyeyP7z2Qlk1ZiWDEKQgVNmtV1LQrTTbho
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
115268
cf-request-id
0ae280638b00004e79fcb5e000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wdSAwr2gGS1hCIi0joX%2B7vAXzJseF5ij0cEmA%2Bq3r26FxZVEu1oQuTE3teJ5FuILDMXz0iw5vsyCqyZNLA1l%2FIaklfZoRwHibl12Q8%2F%2Fm13hmh21zUER5s3XTPrzQyqC6Ex3fOHc3w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
664a9ce5aa724e79-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame C75B
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuidGS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5asuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:17 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame C75B
38 KB
39 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
420083
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-Uwy0W-DdVJjWcpC6FduPnZhHbPyw2RCik7-I8cH6jjKNtZFzPAJEwzK3FGMfzhoKOFIvXS5i1t9lCWtD0x-j3E
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
38696
cf-request-id
0ae280638b00004e792d009000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hC8pOVtGPMk%2FltkAZX50OWOGwB0VmFM6uR9Hs4bSjxRHgHplxlUW9V9bnZhWsNYro0o3XW1ZK9uC5D2fn5rdTUypOBaenvXl%2FCwGxVLfnoEqtPCNlonkxpK9xKMhyiYUJPwYk5vSHA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
664a9ce5aa734e79-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame C75B
84 KB
84 KB
Image
General
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
104689
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
85604
cf-request-id
0ae280638b00004e79dc8d5000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mgP%2Bce76m3HITK8uObpp5nRpETiT5f7hawIOez0W9A1ghsOcgxdZP9itpwol9gpHtLxeFP0XiI8t1iuPHIGkTqYGlGM%2FSTPdu6QC4j7jHgMzez5xChZ8APOJj7rThNQjT%2FJpgUIYNA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
664a9ce5aa744e79-FRA
cf-bgj
imgq:85,h2pri
rar
as.ad4m.at/ad/ Frame 1406
10 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
261355997b4cbeb541354842b8cd4eac42ea8f1b3ce2c3117ac72cbfe29139ea
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0ae280639300004ed3f320c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664a9ce5bbc94ed3-FRA
content-encoding
br
link.html
track.webgains.com/ Frame C75B
12 KB
12 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidGS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5asuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidGS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5asuid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
74c45b1e22bc84c701252c21f705f67107151b11b129dab14659cb593aacd6c7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:18 GMT
Last-Modified
Fri, 25 Jun 2021 02:02:18 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame E0D1
59 KB
7 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
747867
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0ae28063b700004ed3ee996000000001
cf-ray
664a9ce5fbf84ed3-FRA
expires
Fri, 25 Jun 2021 03:02:17 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame E0D1
18 KB
19 KB
Image
General
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
611333
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-UwIkNOUZkyQMq3Kp6tFJ2kUiKOcE_5mAfmbAGX3tfBIHRd_MrOW6vKr5H6_TmE6_b-JyODKsiwvn_37zoc_Y_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
18872
cf-request-id
0ae28063b700004ed3af878000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IRWpz4aVmd7Ko1EkrzkyO%2FtOfd%2B1K88zyOnvL4DWyJCMgzs2KJoXd70WGo8iray9PqYFELhvOJHUFLE1%2BYDB0UzER9ViqOy3ZX5eHG%2FuNpVMMNKugEztwlDgwwzbzbFoajA3jEr4Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
664a9ce5fbf94ed3-FRA
cf-bgj
imgq:85,h2pri
00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
assets.ad4m.at/product_image/ Frame E0D1
300 KB
301 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EZXtXA==, md5=mgoAJVijZFI0Dr9oP+Il1A==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
66340
cf-polished
origFmt=png, origSize=594083
x-guploader-uploadid
ABg5-UyTf6FeWBmyeJExuOi7GlY0O5gUODBvMLpe0qCESaQPFqhEaq-71hfFz0E5oJiJooQZU6IhwrvrSpqoVWzBhIw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
307160
cf-request-id
0ae28063b700004ed3c7075000000001
last-modified
Tue, 22 Jun 2021 13:51:23 GMT
server
cloudflare
etag
"9a0a002558a36452340ebf683fe225d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NQo2sMpCiLlrkRAXldOt8%2FYtT88igR0iANGpoH2%2FyHO43Y0MDoWu4RM38ciS3CaISexAGghUOFmPCjEME1QIpW2UON4yD7tFwUMK2EKtEz%2BPm9XQids%2BhF0qVAvIbskSZOsDS9WRyA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1624369883413081
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
594083
accept-ranges
bytes
cf-ray
664a9ce5fbfa4ed3-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame E0D1
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2519575&v=14098&q=379092&r=412871&pv=1&pref3=oneidVx7fwfmfEdghVHbHAtRt8bGU5tzTzQkoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:17 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame E0D1
38 KB
39 KB
Image
General
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
612489
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-Uxq7P2nwVSkuZTkSEg7ynfoehxN_jsktc6syvnGz_8ihKUK5uH6rRVPcv4Opl6Z2KhsA8K5hpihRZEBhNQcVvk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39202
cf-request-id
0ae28063b700004ed3108e7000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=L5aodc2lMiwZFuALafagNcgV9uBgCoxFP8zisyRWparSs5AoyF24lYt2CVt%2BSApqQ5GIUP3e4UneV1xjyhOYJ75gBdUpveThSnidbwnnfV6bDjeL6d3LMI0ER%2BAuyl4QzAvuZoXShw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
664a9ce5fbfb4ed3-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame E0D1
113 KB
114 KB
Image
General
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
610353
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UwbIUGsRq83JM36JprxOgsBD6lKh1nY2l3BnWQZ8mWh2LUudq9jHuyeyP7z2Qlk1ZiWDEKQgVNmtV1LQrTTbho
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
115268
cf-request-id
0ae28063b700004ed39da3f000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q2iGZ9UPqOeEwC1yMCFgrthqIiMvWcThKiV5fr7iPOyJYhTItFSdJKEJ2Ysal97EYW27clvLBUCrWtcnGRjucGH8ZNPfol911y%2BsS%2Fwf0VWt4F9uZg6pJnXK3fzV4E1ZveYVMgYvLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
664a9ce5fbfc4ed3-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame E0D1
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:17 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame E0D1
38 KB
39 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
420083
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-Uwy0W-DdVJjWcpC6FduPnZhHbPyw2RCik7-I8cH6jjKNtZFzPAJEwzK3FGMfzhoKOFIvXS5i1t9lCWtD0x-j3E
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
38696
cf-request-id
0ae28063b700004ed3a7a13000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8mWHCwvnFAjjtHZI1Z%2BB7qF20JKIuf9mE%2FNCTnn2FN37B7kJrTy5DwrnOZOYcqQ9DElHEJCF30FfIFAkHIltR2XEM9%2Fw%2BBIXLjazGpEz6RTByEo9ohdxbAfpVZZEEnsdLn7RqXm22g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
664a9ce5fbfd4ed3-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame E0D1
84 KB
85 KB
Image
General
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
104689
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
85604
cf-request-id
0ae28063b800004ed3e49d2000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pVo4LwDxJT3MU8MwfHFH%2BB6qs9q7DI8sxzkWoR%2B90VRYtZ6Hu92syakN3uWQk4zqNjAG%2FO7BjXHlrIyJGDlifM9%2BF85HfYZGI%2F4h8mRd3D8qGM1Tua0ahg6yTjFZ5o88rvQTwOrgLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
664a9ce5fbfe4ed3-FRA
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame 1406
59 KB
7 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:17 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
747867
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0ae28063c100004ed3a20b2000000001
cf-ray
664a9ce60c0f4ed3-FRA
expires
Fri, 25 Jun 2021 03:02:17 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 1406
18 KB
19 KB
Image
General
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
611333
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-UwIkNOUZkyQMq3Kp6tFJ2kUiKOcE_5mAfmbAGX3tfBIHRd_MrOW6vKr5H6_TmE6_b-JyODKsiwvn_37zoc_Y_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
18872
cf-request-id
0ae28063c200004ed3c9bf8000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zYq%2BOAk6ttcr2CEpHW9Pn9GJ9pLPv%2B4oQFUjP2knLwxG4eHnW85ANAO7TuNFdnvMJAgG0svJcI7E%2FrvqqjpRLWHMnRYQqNagAf%2Ff08liKYnnvUpIJMZLNzCUpzF%2BSOkwItDxF9MvrA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
664a9ce60c104ed3-FRA
cf-bgj
imgq:85,h2pri
00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
assets.ad4m.at/product_image/ Frame 1406
300 KB
301 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EZXtXA==, md5=mgoAJVijZFI0Dr9oP+Il1A==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
66340
cf-polished
origFmt=png, origSize=594083
x-guploader-uploadid
ABg5-UyTf6FeWBmyeJExuOi7GlY0O5gUODBvMLpe0qCESaQPFqhEaq-71hfFz0E5oJiJooQZU6IhwrvrSpqoVWzBhIw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
307160
cf-request-id
0ae28063c200004ed30ab23000000001
last-modified
Tue, 22 Jun 2021 13:51:23 GMT
server
cloudflare
etag
"9a0a002558a36452340ebf683fe225d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dGKgqKypfFVqpSKEHfZiF2e%2FSztMiKfe4z9mr43828yA0QHQV08Z0h5PlquHeRbvJZsTBFH8rIllBRQTEAnX9UruwwlaUH5RqhgAiouYZwvMlLL2yMWOIKkszwxJqvjV3ODRUAyrKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1624369883413081
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
594083
accept-ranges
bytes
cf-ray
664a9ce60c114ed3-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 1406
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2519575&v=14098&q=379092&r=412871&pv=1&pref3=oneidVx7fwfmfEdghVHbHAtRt8bGU5tzTzQkoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:17 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 1406
38 KB
39 KB
Image
General
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
612489
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-Uxq7P2nwVSkuZTkSEg7ynfoehxN_jsktc6syvnGz_8ihKUK5uH6rRVPcv4Opl6Z2KhsA8K5hpihRZEBhNQcVvk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39202
cf-request-id
0ae28063c200004ed3aa097000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xNMC6rsJzcsmIYR6fBA%2BAm9kcFkHqeQlQIq7%2BeBxc1QXwFPBfkgwxqnAGrSBmC7F1yVysv2Qyy3lE98Qqed%2F8Q1YX3s4%2FApNzSXaiKofq9Nq%2FhScywTUPsYcN7wsbXo1BKJwmJNoEg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
664a9ce60c124ed3-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 1406
113 KB
114 KB
Image
General
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
610353
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UwbIUGsRq83JM36JprxOgsBD6lKh1nY2l3BnWQZ8mWh2LUudq9jHuyeyP7z2Qlk1ZiWDEKQgVNmtV1LQrTTbho
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
115268
cf-request-id
0ae28063c200004ed3caaff000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NH83To0BVTOkqsisFQnl8IBWjQt6qaXDGw3lH7D61%2BgJQiA5YQgtgoS4fL0Vcvq8ETGdJCKtWfHvy6pJ2kH4lCgrD%2Fj2WdtyOfS%2FlcK3ll53%2BZeL0c2lylJiMET%2B5osC4lQNWrx14Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
664a9ce60c134ed3-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 1406
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:17 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 1406
38 KB
39 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
420083
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-Uwy0W-DdVJjWcpC6FduPnZhHbPyw2RCik7-I8cH6jjKNtZFzPAJEwzK3FGMfzhoKOFIvXS5i1t9lCWtD0x-j3E
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
38696
cf-request-id
0ae28063c200004ed30d84a000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2B58T8fgg9yibQC9L7r44qMX67sdG5JCh%2BFE2gvkVTg7sN7inNFDxlpgvdfR%2BItctfSOBgMUpKRwlpcbr9xpO67CXggpPOSztF%2B906e9XBSu415idi6q3XalrAyzsPWP%2FNyCsQqM0hw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
664a9ce60c144ed3-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 1406
84 KB
85 KB
Image
General
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Fri, 25 Jun 2021 02:02:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
104689
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
85604
cf-request-id
0ae28063c300004ed3ea179000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=otTuxWoPWkGbXWn2alVTyW4iIpuwx97sG11FKv5GpcamwhYit116Upps%2BRXNj%2Fu31N0qfwVqRpQTPlLDrvjExWNHB1UOUcdq1lp%2B2OI2JDo67LBUIihc31Cubc9CCYdq5klQW4uzkg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Sat, 26 Jun 2021 02:02:17 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
664a9ce60c154ed3-FRA
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 1406
12 KB
12 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
ac8adf5db9af0b3559d19613da00c69dc4ed15b91d3ef9c726be8a38e2e0514e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:18 GMT
Last-Modified
Fri, 25 Jun 2021 02:02:18 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame E0D1
12 KB
12 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=1de63dde9c5eca6b6aa0a516a47cac12%2F6508296253884879601&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D220dng7dzzefafennxsg7x1dhvjnfjg09wdwk60g3f2e1p0x0pby0nffpg2x5p4zwaw8531sky3v3ax67kt3d27z533tc3a60k3se4sascspmwvx95phtabvf4rfj6jgw69f7wsh71vyf9p6znv3hp01bnmm9sd2z3x9yk7f0zrfq38r374y73s8mjwdbb4mp08vc08dsykqa28psem2sddkh8s32p0czvt3gvajemedqd12wxpyd3qwhahh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8o28KDnVYJi6Ks_C7_UPuIWP2ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQI8dEDUpQS0PqgDAaoEvwFP0GH9Rfh1plpcMLO13UhsMCbAaOudv7LLFBvQbUEIxREdVfRVyU3v8HWeLkY0GtJwH4ZiXcDtd9c-caFuKf4ExdV4UcO3NpKAxmKItb2LYfGWcuRads5B0Dg8rcbwk8LhxSrg8M0D3zkdJ4YjFk0gT2-bDSIBcGdbmgJwQhbeQUf4VAvoCYdP0Guei9CHIM0QRbKK4Kqcs4Hba4abgXmdV_ki9eQ8-vfROSCh4MdensJQuc_hMjQHp4tEDKSFGYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1RJT6hNQdQpha-hZQ8rf-SP91j2w%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
b2a92323d747977734e854a35e59ca60e48c69d6f43d1aaedf879d708d91e080

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:18 GMT
Last-Modified
Fri, 25 Jun 2021 02:02:18 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame C75B
60 KB
60 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidGS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5asuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidGS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5asuid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-68.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:48:19 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Mon, 24 May 2021 16:27:08 GMT
server
AmazonS3
age
76440
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
61124
x-amz-cf-id
AfEMV3rYRjrCG1UGg88wJ4dImTy6PdbCjRAMjXL8XrVmuMQmYyloIA==
hit
diapi.webgains.com/2.0/ Frame C75B
79 B
374 B
Script
General
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=.8a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VauVBbeJdQ_i.uJtHoqvynx9MsFyxYM914Ve_clr9Ly.25.ea.69BRe4GSrWUkeU_uz3YMJ5tFFg4K1kl1BNlY6RcApw.C45&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221624586538%22%2C%22%22%2C%22%22%2C%22%22%2C%221780106538%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidGS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5asuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=071abb4fc59edcdb7bbcfcd8225f1557&userIP=89.249.64.171&doAffectv=1&wgtime=1624586538
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidGS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5asuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidGS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5asuid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Jun 2021 02:02:18 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame C75B
85 KB
85 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidP3zUBfbfRbzh7CjHbtMtPzEHbtgtPproneid__webplexmedia_advancedad_300x250&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=GS19-Vw6JdxsQdsTznq2_e-pia4a2Ey5&g=67b4f963a11ce097f42f68329e41bb53%2F4010041189798134871&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21j31qwywa9e275hsf5v5e5jkawdqgdp9mwr6jstwvr47sayd0czk5chrmae53pn0e79xx4ggrg6rfh2nbjz1gc3t7jmzaz5a7xkqs37j3bdjbyqzqhd2h3payrqj8b3m5yh49xzxdzp9md4xvqatma04tt7zas7reb3et91b92dea48fye1n8cst2cdx4phzbgv37y5dcqdca89y46xa2k2f62za1ke2qkpx2rh0hpzwzhmd4bnvv99xypvy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCddcKKDnVYKbXKrjI7_UPgeiYqAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTg0MzkwMjQ4NzczMzEwNDmgAcKu6N0DyAEJqQIrRMYZ9AS0PqgDAaoEuQFP0IdD_4FjgpofM7Golp8wwcV2J-KnxQlSzbWyC1X8n0z57TBuKvjyDg81s6V2oBqhyqB80ztpHNwNq2tZZLvz9aM3s-pW9LXcTnXPxKM6rLguVfNzcOGRzMDJic6MtxKYPT7pR494HQ_ldWxe6UTt6OPlV3Hv6o8hEnKjpVqqwD5UMDqZ3FLIwcKVxOqPDiAA2jkf6S_WNVfknio5Xy5x6cX_3qcjDNI9pTfiAhaJDIrYno1kL6yJPYAGuL3Ek8iU16KfAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2N_L9zjZfhPVVCWdcT4a3KMO2yPg%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:18 GMT
Last-Modified
Fri, 25 Jun 2021 02:02:18 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 1406
60 KB
60 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-68.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:48:19 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Mon, 24 May 2021 16:27:08 GMT
server
AmazonS3
age
76440
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
61124
x-amz-cf-id
bdBHUKA4emoAMvvMsu2W4LB2ULtww2pZTy7mvBzDivhsZLigfx9QlA==
hit
diapi.webgains.com/2.0/ Frame 1406
79 B
374 B
Script
General
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VauVBbeJEPtQVD_DJhCizgzH_y3EjNpmVWN9dPBSpMk.Nk4Jk.tGY_FeAiwAy4IwjMsZPuVr914VecL57GY5BNv_0TjV.5ql&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221624586538%22%2C%22%22%2C%22%22%2C%22%22%2C%221780106538%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=77e8a24075974e0effec3ba54584d4ed&userIP=89.249.64.171&doAffectv=1&wgtime=1624586538
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Jun 2021 02:02:18 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 1406
85 KB
85 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidP3zUBfbfRbzh7CjHbtMtPzEHbtgtPproneid__asuidSH6apr3IJJXxUFpIqIB9X13b0IcpHy4Oasuid__webplexmedia_advancedad_300x250&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=6de4ee66f9e3ffbb923e7de3aa47f5dc%2F18407722691564518567&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21cnmr64vqs8xx9h5v1hmbp8hvtw6kah5q9ws07s2zxa9wjyzt1eqdkvprpgmyj21pp90gx8gpf4se91av895xhvy4j4etr902fzyrbhjf4nts9cykpad5rme6xbwyswqhzf52xk1bk3g6b2srtcaqtfv80bcsjj83pw9gd172vn0101zz742dkhyjjdm6x9anp41ymgfr34q7mp25pdv0q87djtttce8habkkgww45ywn2bkshwq2zqn4vv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-23RKDnVYLOjK-q4lQeLhKbwA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODQzOTAyNDg3NzMzMTA0OaABwq7o3QPIAQmpAk3EsPjeBbQ-qAMBqgS5AU_QxuO1ARit9U3qShmc3VgROGl6hbV7hKIFtWnw6mF5RyxGPbfkXptNLa3gZY8en-9u_MQ2NNz_efV5BToM-8qVSZI7ArvsMuPTGZf7ODbDC3CNsqQGPUHBQMBSWv_wr2p63tZ3si03ROJfbTH5_T34IW6EYsnZTbdBQwB-Lbb7a9Q5GXqgBDjJYJa_wFoUho9hqyTI9lx3kw6VD4-r6LkT3XQQeoY6gCQm0qaQoGg5rWHLi-scq33ogAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0i4lJuqFLwkytSPmxPSvgK3imZHA%2526client%253Dca-pub-8439024877331049%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:18 GMT
Last-Modified
Fri, 25 Jun 2021 02:02:18 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
fp_decode.html
track.webgains.com/ Frame C75B
63 B
270 B
Fetch
General
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VauVBbeLLLtQVD_DJhCizgzH_y3EjNpmVWN9dPBSpMk.Nk4Jk.tGY_FeAiwAy4IwjMsZPuVr914VecL57GY5BNv_0TjV.6Kq
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Jun 2021 02:02:18 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
pvClk.min.js
analytics.webgains.io/ Frame E0D1
60 KB
60 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-68.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:48:19 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Mon, 24 May 2021 16:27:08 GMT
server
AmazonS3
age
76440
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
61124
x-amz-cf-id
Iaxh_7WLQwUz_3d8SLGnPX9N5famQr8KdbPtUuNUMphmhUsU5Ybysw==
hit
diapi.webgains.com/2.0/ Frame E0D1
79 B
374 B
Script
General
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VauVBbeMeetQVD_DJhCizgzH_y3EjNpmVWN9dPBSmrk.Nk4Jk.tGY_FeAiwAy4IwjMsZPuVr914VecL57GY5BNv_0TjV.2KR&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221624586538%22%2C%22%22%2C%22%22%2C%22%22%2C%221780106538%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=77e8a24075974e0effec3ba54584d4ed&userIP=89.249.64.171&doAffectv=1&wgtime=1624586538
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Jun 2021 02:02:18 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame E0D1
85 KB
85 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidP3zUBfbfRbzh7CjHbtMtPzEHbtgtPproneid__asuidSH6apr3IJJXxUFpIqIB9X13b0IcpHy4Oasuid__webplexmedia_advancedad_300x250&wglinkid=713569
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 02:02:18 GMT
Last-Modified
Fri, 25 Jun 2021 02:02:18 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
fp_decode.html
track.webgains.com/ Frame 1406
63 B
270 B
Fetch
General
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VauVBbeMePtQVD_DJhCizgzH_y3EjNpmVWN9dPBSqB.5B0KB.DJNtJ9Xvj1zWJzApy85icCmVWN9e4WX3NlY5DtFMfs.A5U
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Jun 2021 02:02:18 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
activeview
pagead2.googlesyndication.com/pcs/ Frame B358
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJpi4gfLe9epUu4-ymjo-BfrS-Iaz2toMtZw9P0suTnb37JqiLw3tLxKG_NPyYZMvMslZHuViKiQ7o65433AnoDJz7KNwaUvxQIJD1lJ9VN4pNfupPhx1bamVONw&sai=AMfl-YQONedYDXETWHB5406NWnj9lVcfdF_pKEoIIdxT3Wu5oCGs3FnalT2-Yi94v5DFJlK77dz2ltIAmo-V&sig=Cg0ArKJSzAce5uF2jFc2EAE&id=lidar2&mcvt=1001&p=56,586,234,1298&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210623&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1170913138&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624586536455&dlt=458&rpt=689&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fp_decode.html
track.webgains.com/ Frame E0D1
63 B
270 B
Fetch
General
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VauVBbecWRhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtQs.BN1eN.RclmcK4rT4z1dyMfwHCSFQ_01kKJA237lY5BSmVjMk.Djg
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Jun 2021 02:02:18 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
tracking-event
api.webgains.io/ Frame C75B
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-6-221.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.19
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.19
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-6-221.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame C75B
44 KB
45 KB
Script
General
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 06:27:17 GMT
via
1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
70502
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
V85-aqu6N04t4hjpoiHnGY3J6gJIhcbUCcc8PIDpLTcWKPWmms881w==
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-6-221.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 1406
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-6-221.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.19
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.19
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame 1406
44 KB
45 KB
Script
General
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 06:27:17 GMT
via
1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
70502
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
Ru80ivm1R26nxr09Rc-AIZ7Sh44fh1nGt6RftQnMmVR3UsV1RdRVdQ==
tracking-event
api.webgains.io/ Frame E0D1
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-6-221.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.19
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.19
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame E0D1
44 KB
45 KB
Script
General
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 06:27:17 GMT
via
1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
70502
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
o6I4Cjpi1G8s8n6z--hbq2GL6DZG5cSoa8ssHrcAf9sCe5X0EZT_SQ==
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
52.213.6.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-6-221.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tag
w-it.m-t.io/ Frame C75B
18 B
122 B
Script
General
Full URL
https://w-it.m-t.io/tag?type=impr&date=1624586538973
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:809::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
dc5d9b00f169eea283673b480c86e6b6
cache-control
private
content-length
38
tag
w-it.m-t.io/ Frame 1406
18 B
205 B
Script
General
Full URL
https://w-it.m-t.io/tag?type=impr&date=1624586538978
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:809::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
7a2dc9f31a6e3892a71b37ddad336e7c
cache-control
private
content-length
38
tag
w-it.m-t.io/ Frame E0D1
18 B
123 B
Script
General
Full URL
https://w-it.m-t.io/tag?type=impr&date=1624586538979
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:809::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
b2572998277388b8be77b447aa62ba9d
cache-control
private
content-length
38
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210623&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6989d76de1215b8a02a8884610090fdd1d4db97c6db9ac9130259d66e4540e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 02:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8457
x-xss-protection
0
3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-324x400.jpg
all-news.co/wp-content/uploads/2021/06/
29 KB
30 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-324x400.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c98991b16629fe139954a9e334e3fab62e9bdf7ff16fbb9c3c8ebad667200d2

Request headers

:path
/wp-content/uploads/2021/06/3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-324x400.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6115
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
29848
cf-request-id
0ae280683900004e9834152000000001
last-modified
Thu, 24 Jun 2021 18:24:56 GMT
server
cloudflare
etag
"7498-5c58723dc5753"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IS%2BVs1Hd6Z36upB9730YJx2a9%2BjWIbpB4jzmhXegP%2BRjIsR5foSmDlVt8wBdjfROmkuFncuLhrSSOKcjM1rv%2FpTWpD5jIWtLMMxeEM%2BYIE%2FGQLkhSZoPKLCzhrfkn5cZbXKe6Sw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9ced2d874e98-FRA
3798-germany-v-hungary-follow-all-the-action-live-on-f365-324x400.jpg
all-news.co/wp-content/uploads/2021/06/
8 KB
9 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3798-germany-v-hungary-follow-all-the-action-live-on-f365-324x400.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d344d22787e95dcd2d7f9009d837443b5c0e1e60a2b5a0a7e5e80f405983a31f

Request headers

:path
/wp-content/uploads/2021/06/3798-germany-v-hungary-follow-all-the-action-live-on-f365-324x400.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8211
cf-request-id
0ae280683900004e9820b5e000000001
last-modified
Wed, 23 Jun 2021 21:25:09 GMT
server
cloudflare
etag
"2013-5c5758a8de1e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BYOJRUM3hXoD9aX%2Bl697aU0wkLNNLes6vLyNtYqBNbaKe3KTSnwOm%2FphbzUEdSnFyU8ONrlYKKDpty0lS81Atvba8Jnnbs0kYUeWZzSfOuJPGU2Qdh0vUzGfNxMfEc6N6aDerDE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9ced2d884e98-FRA
3796-carl-nassib-comes-out-as-gay-but-most-nfl-players-stay-silent-324x400.jpg
all-news.co/wp-content/uploads/2021/06/
20 KB
20 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3796-carl-nassib-comes-out-as-gay-but-most-nfl-players-stay-silent-324x400.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f71f134bbf883cea5074c63aa431f273478cbdba9bdc54b4da8f07371334ba6

Request headers

:path
/wp-content/uploads/2021/06/3796-carl-nassib-comes-out-as-gay-but-most-nfl-players-stay-silent-324x400.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
20317
cf-request-id
0ae280683900004e981002e000000001
last-modified
Wed, 23 Jun 2021 18:24:37 GMT
server
cloudflare
etag
"4f5d-5c57304dcd11e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lMa6h58ECYcb1UYIRePJS%2FhVJABtxDP46sCK70dCeFIZ0VD1xIn4%2Fh8GPMcxxS7JTgQdvXV52m3O%2Bq5qd1eKl9p8Lab3kzRCe1AaOHTmQJSr0cTjqXrtzknS1gA6PZhMf9iuTL8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9ced2d8a4e98-FRA
3788-george-kittle-sheds-light-on-why-jacksonville-jaguars-tim-tebow-wasnt-invited-to-tight-end-university-324x400.jpg
all-news.co/wp-content/uploads/2021/06/
25 KB
26 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3788-george-kittle-sheds-light-on-why-jacksonville-jaguars-tim-tebow-wasnt-invited-to-tight-end-university-324x400.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa20f9e7343d64c290bdc35540987532d373794ecbb1151e3c986ef486448f25

Request headers

:path
/wp-content/uploads/2021/06/3788-george-kittle-sheds-light-on-why-jacksonville-jaguars-tim-tebow-wasnt-invited-to-tight-end-university-324x400.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
26106
cf-request-id
0ae280683900004e98e8301000000001
last-modified
Tue, 22 Jun 2021 18:24:38 GMT
server
cloudflare
etag
"65fa-5c55ee714861a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zKGknIsgkfE2C7AOy9Cs4DG%2FmY9qTWCyYxwyVYNFx3mefBgeHPQ75Y3m1nxoWpaxhCqb7aYS%2FAIydF%2FiFumkFGjpw1o4p6%2Fol%2BMqbtcyCdxsqsHC9JH%2Bq%2Bd%2FYuBkJfxEwLozVjk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9ced2d8b4e98-FRA
3813-how-kristin-experienced-a-new-beginning-with-the-hills-cast-696x392.com-698511
all-news.co/wp-content/uploads/2021/06/
27 KB
27 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3813-how-kristin-experienced-a-new-beginning-with-the-hills-cast-696x392.com-698511
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abf0533e5e140ff15423e8abba6e6909a4e9d3b9d59adaf7d16fd1d79515d355

Request headers

:path
/wp-content/uploads/2021/06/3813-how-kristin-experienced-a-new-beginning-with-the-hills-cast-696x392.com-698511
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 24 Jun 2021 21:26:05 GMT
server
cloudflare
etag
"6a12-5c589abb1b926"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=M5x2200V2j%2B0Wg8sdq34T%2FKY%2Bxl074UJu%2FZ1tPU0j6k6133LqWHILGIAOnfMWlMFyYthxthWD9dyi%2FNtkKeoS14uH3vJN%2Fb7CtzbEENE7HleDvhs58ZIoY68EIIflC3FGiCNIqo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
664a9ced2d8c4e98-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
27154
cf-request-id
0ae280683900004e9809b41000000001
v2uoe2G7mH5WS4WQpukduysaNUyocjtfrxphxwaIjoAl24hhgQ_hPsPs4gADFCIBgxEb0VLgr6EFVfHA3hkos47_PZa6kz2paT2PTfYjrWs3C-aqAWjb-DIe-pPigM5QXp8n2ApAhXhfe
steadfastsystem.com/
216 B
610 B
Fetch
General
Full URL
https://steadfastsystem.com/v2uoe2G7mH5WS4WQpukduysaNUyocjtfrxphxwaIjoAl24hhgQ_hPsPs4gADFCIBgxEb0VLgr6EFVfHA3hkos47_PZa6kz2paT2PTfYjrWs3C-aqAWjb-DIe-pPigM5QXp8n2ApAhXhfe
Requested by
Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.90.190.35.bc.googleusercontent.com
Software
/
Resource Hash
1b0f0c8d5849fc275eb00013b3c68bee89eaf2ef0fa677bf418c6d51aa594c87
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Fri, 25 Jun 2021 02:02:19 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://all-news.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fb372900
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Fri, 25 Jun 2021 02:02:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 25 Jun 2021 02:02:19 GMT
3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet.jpg
all-news.co/wp-content/uploads/2021/06/
59 KB
60 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81db80c587a98eae3d670eecd0b2675418e4a5b25ebb85dc8bd3bef432c577df

Request headers

:path
/wp-content/uploads/2021/06/3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
60429
cf-request-id
0ae280685a00004e98ff875000000001
last-modified
Thu, 24 Jun 2021 21:26:01 GMT
server
cloudflare
etag
"ec0d-5c589ab79a96d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F2PooHfzNDmPYLFZFHofnMfHxj%2FW7%2FJhNAv7QZHQmGKpcDoMz70Dj1LWyA%2B3P4f9zp%2Buq4N9uhG2GQRidV3OdlamlLgDzVAv7ghd7sPfq8SdRgRPjwjwulgr8NNBRTefTmqe2CY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9ced5dcf4e98-FRA
track
w-it.m-t.io/ Frame 1406
0
74 B
Script
General
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16245865380458_9b1d164be0&programId=12607&expiry=1780106538&acc=wg&scriptTag=&type=postview&indicator=e5ac9fe9715a5705db8acd899076e7ed&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:809::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
53bb23f1aade02a695d77ef548f81b48
server
Google Frontend
date
Fri, 25 Jun 2021 02:02:19 GMT
content-length
0
content-type
application/javascript;charset=utf-8
3809-a-glitch-has-knocked-the-hubble-space-telescope-offline-for-now-696x462.jpeg
all-news.co/wp-content/uploads/2021/06/
70 KB
70 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3809-a-glitch-has-knocked-the-hubble-space-telescope-offline-for-now-696x462.jpeg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb73a045ae2d467a4f4b9a2c460cafc5ffd08a77a4dd9f580b687e749f14bd8f

Request headers

:path
/wp-content/uploads/2021/06/3809-a-glitch-has-knocked-the-hubble-space-telescope-offline-for-now-696x462.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6116
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
71461
cf-request-id
0ae280686f00004e984ea29000000001
last-modified
Thu, 24 Jun 2021 21:25:54 GMT
server
cloudflare
etag
"11725-5c589ab117d28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bFD0zPWG3KnW47JEuwj1IrMmdhnfFsf%2FmD9TTzVnvbc%2BIsNWd0U5zku7w6GXlPvl3CLmc7%2FnVJGUXytMp9JIG3nV7nFxc%2BJc1zvaYhSvJW4qtUUNPwwJQ8mFuBfljRoveSHwmW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9ced7dfd4e98-FRA
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 60F7
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://all-news.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://all-news.co/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Thu, 24 Jun 2021 18:55:13 GMT
expires
Fri, 24 Jun 2022 18:55:13 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25626
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B7A3
783 B
531 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
134d59e547845bfd70264348ed853af8987bbfe2c4cfc72901a74760b8f8c4b5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-99aokTVnkHkqTZOOtMknGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://all-news.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://all-news.co/

Response headers

expires
Fri, 25 Jun 2021 02:02:19 GMT
date
Fri, 25 Jun 2021 02:02:19 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-99aokTVnkHkqTZOOtMknGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
track
w-it.m-t.io/ Frame E0D1
0
73 B
Script
General
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16245865380776_224e64ca1f&programId=12607&expiry=1780106538&acc=wg&scriptTag=&type=postview&indicator=e5ac9fe9715a5705db8acd899076e7ed&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:809::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
8db1062d1b8ea651466e22f043214d42
server
Google Frontend
date
Fri, 25 Jun 2021 02:02:19 GMT
content-length
0
content-type
application/javascript;charset=utf-8
track
w-it.m-t.io/ Frame C75B
0
72 B
Script
General
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16245865380072_fb99936b3b&programId=12607&expiry=1780106538&acc=wg&scriptTag=&type=postview&indicator=e5ac9fe9715a5705db8acd899076e7ed&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:809::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
10a1babd15b578354168fe4f1a9db004
server
Google Frontend
date
Fri, 25 Jun 2021 02:02:19 GMT
content-length
0
content-type
application/javascript;charset=utf-8
3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-696x557.jpg
all-news.co/wp-content/uploads/2021/06/
75 KB
76 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-696x557.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa0052f5cd036c440a42fba9bec293af6f3985b3f1700fd96960c131ae7f798

Request headers

:path
/wp-content/uploads/2021/06/3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-696x557.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6116
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
76813
cf-request-id
0ae280688f00004e9856892000000001
last-modified
Thu, 24 Jun 2021 18:24:56 GMT
server
cloudflare
etag
"12c0d-5c58723dea914"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1W4zkzWX5eKnCWIKLjC5YJ8UUF0OPnTavH78q%2Ffp0bO%2BcTZ4T5tv%2BZmRBvOgN4cwrFzGFqIUCg79YbuqvTGyNrIj%2F8CoT4s5SPD5voNW7yqMm2uZJ%2BRBaxQw%2FmR68H718x%2BwUKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cedbe334e98-FRA
mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
pagead2.googlesyndication.com/bg/ Frame 60F7
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 20:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
191990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5744
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jun 2022 20:42:29 GMT
3813-how-kristin-experienced-a-new-beginning-with-the-hills-cast-485x360.com-698511
all-news.co/wp-content/uploads/2021/06/
19 KB
20 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3813-how-kristin-experienced-a-new-beginning-with-the-hills-cast-485x360.com-698511
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2ec2a67f23552247ed4784ed8162314db4b814545cdc7e0b82e4b8123b91e27

Request headers

:path
/wp-content/uploads/2021/06/3813-how-kristin-experienced-a-new-beginning-with-the-hills-cast-485x360.com-698511
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 24 Jun 2021 21:26:05 GMT
server
cloudflare
etag
"4d0e-5c589abb049f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vhlgYZP5kxeMKY0Qq2qgNLkINY9jt51avKc1eOljjt6BGGlzlPYaJqH79aac3EeEtenNeNu6dvhL9miAtuvsDPCforMyUf3crwIKAuJit6DdzXWd1EZw%2BJUF2OcEdVtxuJF%2Blgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
664a9cedce574e98-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19726
cf-request-id
0ae280689f00004e98f49c6000000001
3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet-218x150.jpg
all-news.co/wp-content/uploads/2021/06/
12 KB
12 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet-218x150.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58860b2fca796e08b666eff111c58c96047557c0f0b1f70c9b34a191d6a4f6ad

Request headers

:path
/wp-content/uploads/2021/06/3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet-218x150.jpg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6118
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12172
cf-request-id
0ae28068bb00004e98652a1000000001
last-modified
Thu, 24 Jun 2021 21:26:01 GMT
server
cloudflare
etag
"2f8c-5c589ab7bcc4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dviYSNzJlmfLb2NQMAOssUJiFAftbpA2qLLj2N9GB2II0rJhM41CxH%2BUfZQBSaZhdXj9CUXFbkbSeJOEwHD7EU97lFiHWgVKwyF%2F3f3LbLkx7ic%2B9TBUvmVK5G5DEb0OivF4DvE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cedfe874e98-FRA
3809-a-glitch-has-knocked-the-hubble-space-telescope-offline-for-now-218x150.jpeg
all-news.co/wp-content/uploads/2021/06/
10 KB
11 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3809-a-glitch-has-knocked-the-hubble-space-telescope-offline-for-now-218x150.jpeg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e6b6eb0ce5cf32fd711f67f87b99cb425d2cdbc8e9ec36dca22669a707124d

Request headers

:path
/wp-content/uploads/2021/06/3809-a-glitch-has-knocked-the-hubble-space-telescope-offline-for-now-218x150.jpeg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6118
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10721
cf-request-id
0ae28068e400004e98f104d000000001
last-modified
Thu, 24 Jun 2021 21:25:54 GMT
server
cloudflare
etag
"29e1-5c589ab09a93a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Kvc%2F6dv7TsmKoV3xd07CVQt6AEW%2FvzBwUYhVWhI6DzI5gqmHvTb9QjSZ7d6qb5wJ%2FbpDmqArhJLV4CvoEqPBfIEreIZAIwF7huzcQt5ueCfqATqdtNgVphvTtJbKCB5HSyx2VCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cee3edd4e98-FRA
3809-a-glitch-has-knocked-the-hubble-space-telescope-offline-for-now-696x462.jpeg
all-news.co/wp-content/uploads/2021/06/
70 KB
70 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3809-a-glitch-has-knocked-the-hubble-space-telescope-offline-for-now-696x462.jpeg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb73a045ae2d467a4f4b9a2c460cafc5ffd08a77a4dd9f580b687e749f14bd8f

Request headers

:path
/wp-content/uploads/2021/06/3809-a-glitch-has-knocked-the-hubble-space-telescope-offline-for-now-696x462.jpeg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6116
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
71461
cf-request-id
0ae28068e400004e984ea2f000000001
last-modified
Thu, 24 Jun 2021 21:25:54 GMT
server
cloudflare
etag
"11725-5c589ab117d28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=prXkotYQKkUjRxNfi47p%2FNj309iTNTyR3hQUJ0fG8y6pnjdbI9PraiauIJqS%2BL19Iazdq7V%2F1DzKIaMdrXTYtlpOnJV619nnISr02H7YhxbqzCftlUr41zDy9nLAWES07shiyyw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cee3edf4e98-FRA
3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-696x557.jpg
all-news.co/wp-content/uploads/2021/06/
75 KB
76 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-696x557.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa0052f5cd036c440a42fba9bec293af6f3985b3f1700fd96960c131ae7f798

Request headers

:path
/wp-content/uploads/2021/06/3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-696x557.jpg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6116
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
76813
cf-request-id
0ae28068f600004e9836374000000001
last-modified
Thu, 24 Jun 2021 18:24:56 GMT
server
cloudflare
etag
"12c0d-5c58723dea914"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SNFy2z28JCq39D0cgeyBUpt8zLjxnRHMpzbLE59k%2Fvg0JRAJp%2B72OykSoMNXHSCh8OT6GG2QglsXpxwoTWAyDIHt4FgmcBlY8TxNfs4vTcpyzJTpSgYt6W6PPs5xR3kUNwW2Mp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cee5efc4e98-FRA
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210623&jk=860049143814468&bg=!3N-l35vNAAYo4NJEKOA7ACkAdvg8WlFG0XhacYoIqFEFZdPUPMaasA89TIC5yk_Asg-ehf6U9Q1diwIAAABDUgAAAAtoAQcKAEf8IL6sTN4fU7i_-dke0TyAEgs3Ppi9OLtKz33HKjqnSlqT8KdiqaL-ipEJFOK11AsBGuGmkUfXjtWXq3oI3fdGGdx1w_eCO5kCdFiGe98Vs0is8HpXhAkiER5GLJQcf_EGtBZGmuv1681NY2IhVF6GsD7WlmoGWopEEvm-NnU7QqSCqfpZ8xMPf2hIDWdWt-Lj1uQQkuXt3BgJ214jUCBXH_78yU1nnM5pjJecD3xJ677lCJgOCcNQ2zk4A4IrqbtdgdluzLiOChGrHhBPvvl6B2SvEiROSkORuHuPU6mX9EpG1hQ_qNuQa9K1qVUHrDsS7XQeRp0rwLEIwkgcW5qUBJ-JzJdRF7E99kL4ypslCmNd8XcE0zOpbZIUV6thdmlmlLLl0-lYwd9JJnA6jszrUO-jWACaPBZ8HIZRxH11w2Gwo8-b5tEf63UrX-A49t407g--S9QycNYySOqbZnGh-qEGiYOGE-fXLj3VbLgFe-Un0fJnDfA3Hhi8nQ7wIMsYdD3ajuMRZD5nllMs1dZGBoH-smj3GZuXj_6ZOMuN8e4qbg1u9FMDiR1UHqSnFa8QXhDD9aVz0F_TU1U0xSDIMWz6Sf8mKMzy8RttRmYXDYw1JiG55NRHDWoO88GFMG5j9h_0db1tNm_L3hoeAcADdwK1oIWDSk-0SAuX2xsazhWYvjXTXauSs79WGOUDmZFigRvk36Gd3koIG6h0_ljsBdirxREGb6iBziNBdwp3DH7kD0tPGzus1yNLKvYpc5Mz7aI89KZZwxxvFVU2OPbG0HRBTeZHkU50h0yCU7_1Yhez1L5SZ-kWWgdTe3mHdKRDcF8g955IF1xkMD7B-IlJfItYXnqKrKJkdJ00akoe6hbCZYMx6KJiLZO2F9nbipE7nUpGGnTG-OI9XfknVCRSBAbX_LImgQA4v27A5R8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 02:02:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-218x150.jpg
all-news.co/wp-content/uploads/2021/06/
10 KB
11 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-218x150.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ea1aa4890b90865a6c7db5254a8c0cb0c8b8b2fb7d90bc6b6afd68b95b79aaa

Request headers

:path
/wp-content/uploads/2021/06/3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-218x150.jpg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6118
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10283
cf-request-id
0ae280690c00004e981d1f3000000001
last-modified
Thu, 24 Jun 2021 18:24:56 GMT
server
cloudflare
etag
"282b-5c58723db5582"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=J4rdJIHdT57EIJyhSsxM98CtYAVPjPhKZmf%2F8i%2Fm7eE%2FuIUA%2BDEyxuxnE%2BIzPX09v1RexeK8d%2Be9hjp1T5nvXj1YEAS800Ry7Fxnr6QL4jpSqx5YxzD1XvQ8hJFtFMpj%2FaNJmZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cee7f234e98-FRA
3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet-218x150.jpg
all-news.co/wp-content/uploads/2021/06/
12 KB
12 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet-218x150.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58860b2fca796e08b666eff111c58c96047557c0f0b1f70c9b34a191d6a4f6ad

Request headers

:path
/wp-content/uploads/2021/06/3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet-218x150.jpg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6118
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12172
cf-request-id
0ae280692400004e983c8bb000000001
last-modified
Thu, 24 Jun 2021 21:26:01 GMT
server
cloudflare
etag
"2f8c-5c589ab7bcc4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a6Xmb%2BeajqxKiSbTAqBw9v%2FjgrxNcwc%2B4%2BfhL41npppULwAHZqS0Sb3MZiXZS312dNgx8B7OdFR6RL6O2wxFZAqFlZuJ6NsBaClA4dW0MBOLiL%2BXdqLMXG1CEjtXRQIKW%2Bkkbjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cee9f534e98-FRA
3809-a-glitch-has-knocked-the-hubble-space-telescope-offline-for-now-218x150.jpeg
all-news.co/wp-content/uploads/2021/06/
10 KB
11 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3809-a-glitch-has-knocked-the-hubble-space-telescope-offline-for-now-218x150.jpeg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e6b6eb0ce5cf32fd711f67f87b99cb425d2cdbc8e9ec36dca22669a707124d

Request headers

:path
/wp-content/uploads/2021/06/3809-a-glitch-has-knocked-the-hubble-space-telescope-offline-for-now-218x150.jpeg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6118
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10721
cf-request-id
0ae280694b00004e98f81cd000000001
last-modified
Thu, 24 Jun 2021 21:25:54 GMT
server
cloudflare
etag
"29e1-5c589ab09a93a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QZ0hJ0xSU86HRuxJt0S%2B%2Ftl89fDSeWEucaL2pAEu7C35uGnTVbtKGvbZViYWikzeXeX9HLJf2k50Gpkm5uczaaRNengvKRR9ep4ipRVVPPgwp2Lmm1RYD41tk8zxDcG%2BYMvoZes%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9ceedf984e98-FRA
3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-218x150.jpg
all-news.co/wp-content/uploads/2021/06/
10 KB
11 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-218x150.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ea1aa4890b90865a6c7db5254a8c0cb0c8b8b2fb7d90bc6b6afd68b95b79aaa

Request headers

:path
/wp-content/uploads/2021/06/3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-218x150.jpg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6118
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10283
cf-request-id
0ae280698000004e984ea36000000001
last-modified
Thu, 24 Jun 2021 18:24:56 GMT
server
cloudflare
etag
"282b-5c58723db5582"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QCEEYmW7kAefjOgUfML5zDbYydPcevVYtc5kWrkItz3PDqjdpvek17d%2BpEn4tQfv5pVp04%2FQCT8P2CUCRBx%2B85zpt1owaSQRV%2FeOAFHP6GoGb3nUEz2S%2B3ceGemwrcCfTyJKluo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cef3feb4e98-FRA
3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-324x400.jpg
all-news.co/wp-content/uploads/2021/06/
29 KB
30 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-324x400.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c98991b16629fe139954a9e334e3fab62e9bdf7ff16fbb9c3c8ebad667200d2

Request headers

:path
/wp-content/uploads/2021/06/3807-new-york-giants-lb-tae-crowder-is-living-and-sharing-the-dream-324x400.jpg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6115
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
29848
cf-request-id
0ae2806a2900004e98f691e000000001
last-modified
Thu, 24 Jun 2021 18:24:56 GMT
server
cloudflare
etag
"7498-5c58723dc5753"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mOBVrWnLuJFwwiJs0SEazCWojZXIywbd56cWEaADWPdfqWJb25qV8r%2FSZO0L6dZ9LA8MFYqv8ULj6viXbpVdeSO1ohXHUrgK%2BZvivG%2B8DUyZrTIuCVhfUsNyEZMwImw14Apdb%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cf049754e98-FRA
3798-germany-v-hungary-follow-all-the-action-live-on-f365-324x400.jpg
all-news.co/wp-content/uploads/2021/06/
8 KB
9 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3798-germany-v-hungary-follow-all-the-action-live-on-f365-324x400.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d344d22787e95dcd2d7f9009d837443b5c0e1e60a2b5a0a7e5e80f405983a31f

Request headers

:path
/wp-content/uploads/2021/06/3798-germany-v-hungary-follow-all-the-action-live-on-f365-324x400.jpg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8211
cf-request-id
0ae2806a2a00004e983e120000000001
last-modified
Wed, 23 Jun 2021 21:25:09 GMT
server
cloudflare
etag
"2013-5c5758a8de1e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lWzwBz5oswc7Unv0dFK8hH%2Boiml7SrznmqBG10uy5Y3dz0KCSsWCOd8e8JC5Q9nXeCw64n7CyUHN6CHdJ97ghnFKw8Me63HkPPCFdd1v6vgkwzWWZ0caqgMG5j8yYVtgMfcS8TA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cf049774e98-FRA
3796-carl-nassib-comes-out-as-gay-but-most-nfl-players-stay-silent-324x400.jpg
all-news.co/wp-content/uploads/2021/06/
20 KB
20 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3796-carl-nassib-comes-out-as-gay-but-most-nfl-players-stay-silent-324x400.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f71f134bbf883cea5074c63aa431f273478cbdba9bdc54b4da8f07371334ba6

Request headers

:path
/wp-content/uploads/2021/06/3796-carl-nassib-comes-out-as-gay-but-most-nfl-players-stay-silent-324x400.jpg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
20317
cf-request-id
0ae2806a2a00004e981aa2a000000001
last-modified
Wed, 23 Jun 2021 18:24:37 GMT
server
cloudflare
etag
"4f5d-5c57304dcd11e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XoPDlRtXHYGVXoow1WHH%2Fp4J%2B9tvtwirQg%2FooZUcNJ1t3JyBi1AQr84nMS%2BG0J8KXJ%2Fn67n5j00FZz9K3ilCow4718piJC9GHbCJFHSRg9%2BNeeCuFImeWHPTr6pSR9m7x1DnUHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cf0497a4e98-FRA
3788-george-kittle-sheds-light-on-why-jacksonville-jaguars-tim-tebow-wasnt-invited-to-tight-end-university-324x400.jpg
all-news.co/wp-content/uploads/2021/06/
25 KB
26 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3788-george-kittle-sheds-light-on-why-jacksonville-jaguars-tim-tebow-wasnt-invited-to-tight-end-university-324x400.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa20f9e7343d64c290bdc35540987532d373794ecbb1151e3c986ef486448f25

Request headers

:path
/wp-content/uploads/2021/06/3788-george-kittle-sheds-light-on-why-jacksonville-jaguars-tim-tebow-wasnt-invited-to-tight-end-university-324x400.jpg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
26106
cf-request-id
0ae2806a2b00004e98f105f000000001
last-modified
Tue, 22 Jun 2021 18:24:38 GMT
server
cloudflare
etag
"65fa-5c55ee714861a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fznTd6QvqcVuuRMDXfY8%2BdHjOVLPnBJP5hxljb0q589PuQ25zMsG4JUspIJeP2rhFVBGd7uxsEHjqsAVwRElZHCI2Svp49UTsAtMLK03kDtDBr1cIrgkc9AsJepoh4k7k4ydgRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cf0497d4e98-FRA
admin-ajax.php
all-news.co/wp-admin/
0
740 B
XHR
General
Full URL
https://all-news.co/wp-admin/admin-ajax.php
Requested by
Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://all-news.co
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
content-length
51
:path
/wp-admin/admin-ajax.php
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://all-news.co/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-edge-cache
cache,platform=wordpress
date
Fri, 25 Jun 2021 02:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.25
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ae2806a3300004e98ec0d7000000001
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iI%2BkbFcR%2BYlm1monjJt6gU1tMXPpY5FfMTcsHMzXDNR3VpQiS3omxnAFEPRAAVlr3e4qstoZJNhXoDFIeaKLHI6%2BOdel3QuYMgsmRlhLScV4wG86v2d68MenwLXD639ybMh1LyA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://all-news.co
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
664a9cf059974e98-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
3813-how-kristin-experienced-a-new-beginning-with-the-hills-cast-696x392.com-698511
all-news.co/wp-content/uploads/2021/06/
27 KB
27 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3813-how-kristin-experienced-a-new-beginning-with-the-hills-cast-696x392.com-698511
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abf0533e5e140ff15423e8abba6e6909a4e9d3b9d59adaf7d16fd1d79515d355

Request headers

:path
/wp-content/uploads/2021/06/3813-how-kristin-experienced-a-new-beginning-with-the-hills-cast-696x392.com-698511
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 24 Jun 2021 21:26:05 GMT
server
cloudflare
etag
"6a12-5c589abb1b926"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5COBO9lAK8Bs4hJp3DvQhr0eEiKcYBIuWWYOCGHKSXVcBXyVo6b2GHIzVBOyHZRZcDHiKkf6mkOWz3pHu1r4wFrFIoiAUZFVu0uOk4AyYKXUGsSV0TtpyMYel%2FGEK43ZsBq0ivs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
664a9cf0fa4b4e98-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
27154
cf-request-id
0ae2806a9700004e9835abd000000001
3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet.jpg
all-news.co/wp-content/uploads/2021/06/
59 KB
60 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81db80c587a98eae3d670eecd0b2675418e4a5b25ebb85dc8bd3bef432c577df

Request headers

:path
/wp-content/uploads/2021/06/3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet.jpg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
60429
cf-request-id
0ae2806ab900004e98028b5000000001
last-modified
Thu, 24 Jun 2021 21:26:01 GMT
server
cloudflare
etag
"ec0d-5c589ab79a96d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=W80K2rJdL4HjM4Gb%2FL8erv1QcthjRWNBSmZesQ%2FgnzAaKPHl5oaIHD628zv2BYshGXIk339MSeu76BPmsmMtv9krReMh3gx%2B2HxCA1LZMNkcwtygq%2B7wZp23T3DEJxLtG5vPxLg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cf12a874e98-FRA
3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet.jpg
all-news.co/wp-content/uploads/2021/06/
59 KB
60 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81db80c587a98eae3d670eecd0b2675418e4a5b25ebb85dc8bd3bef432c577df

Request headers

:path
/wp-content/uploads/2021/06/3811-committed-to-restoring-jk-statehood-says-pm-modi-at-all-party-meet.jpg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
60429
cf-request-id
0ae2806aea00004e982e34f000000001
last-modified
Thu, 24 Jun 2021 21:26:01 GMT
server
cloudflare
etag
"ec0d-5c589ab79a96d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OsgDp3L6p7mtFIZAaVlNZoXz6XgxMOnPgar8mF1mNHR26JNh22QbzuiQkNRzRn3Ogf9lm%2FQrcXZlCxKiWx7NeNI3rUQTG8YeUm0JwekAdfA9ePy7M65FxEBkG71yD3Q6N57oqVw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cf17b024e98-FRA
3813-how-kristin-experienced-a-new-beginning-with-the-hills-cast-485x360.com-698511
all-news.co/wp-content/uploads/2021/06/
19 KB
20 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3813-how-kristin-experienced-a-new-beginning-with-the-hills-cast-485x360.com-698511
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2ec2a67f23552247ed4784ed8162314db4b814545cdc7e0b82e4b8123b91e27

Request headers

:path
/wp-content/uploads/2021/06/3813-how-kristin-experienced-a-new-beginning-with-the-hills-cast-485x360.com-698511
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:19 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 24 Jun 2021 21:26:05 GMT
server
cloudflare
etag
"4d0e-5c589abb049f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=twYmN%2Fn0tj%2BYWlAV0uy23AV5gep%2FMDAOlQ%2FcJt7nc8gEvlvW3n%2FhzoHzzbKm%2F2BBBTPpfMwY%2FYCwLbmjPODxVgZGkSOOWDNnw9amwo%2BnGl0hR%2BB0kynTPz%2BGuDd0N4RU%2BrUOg5k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
664a9cf19b2c4e98-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19726
cf-request-id
0ae2806afa00004e98602ad000000001
3796-carl-nassib-comes-out-as-gay-but-most-nfl-players-stay-silent-324x400.jpg
all-news.co/wp-content/uploads/2021/06/
20 KB
20 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3796-carl-nassib-comes-out-as-gay-but-most-nfl-players-stay-silent-324x400.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f71f134bbf883cea5074c63aa431f273478cbdba9bdc54b4da8f07371334ba6

Request headers

:path
/wp-content/uploads/2021/06/3796-carl-nassib-comes-out-as-gay-but-most-nfl-players-stay-silent-324x400.jpg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:20 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
20317
cf-request-id
0ae2806e1c00004e9820baa000000001
last-modified
Wed, 23 Jun 2021 18:24:37 GMT
server
cloudflare
etag
"4f5d-5c57304dcd11e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tSat8hpmF9to%2BzL4i%2FLozYE%2F5BJdtv2cwgGMLEedewECj8IEy5NLnjyksl%2BEqfewp56hO0kd5HYLdSbQp65U7hm9G5Te5POaBGpfqFscCVVA5tIyg%2Fl%2FztWGDLnl4Ru4YVM9AyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cf699494e98-FRA
3788-george-kittle-sheds-light-on-why-jacksonville-jaguars-tim-tebow-wasnt-invited-to-tight-end-university-324x400.jpg
all-news.co/wp-content/uploads/2021/06/
25 KB
26 KB
Image
General
Full URL
https://all-news.co/wp-content/uploads/2021/06/3788-george-kittle-sheds-light-on-why-jacksonville-jaguars-tim-tebow-wasnt-invited-to-tight-end-university-324x400.jpg
Requested by
Host: all-news.co
URL: https://all-news.co/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa20f9e7343d64c290bdc35540987532d373794ecbb1151e3c986ef486448f25

Request headers

:path
/wp-content/uploads/2021/06/3788-george-kittle-sheds-light-on-why-jacksonville-jaguars-tim-tebow-wasnt-invited-to-tight-end-university-324x400.jpg
pragma
no-cache
cookie
_awl=2.1624586539.0.4-bae31bd6-e50a786d263fdc484ba5cc74e8825371-6763652d6575726f70652d7765737431-60d5392b-0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
all-news.co
referer
https://all-news.co/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://all-news.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 02:02:20 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
26106
cf-request-id
0ae2806e1c00004e980d2a7000000001
last-modified
Tue, 22 Jun 2021 18:24:38 GMT
server
cloudflare
etag
"65fa-5c55ee714861a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dk8rbphge10z0juFCl%2FAhod10OQuOG5GhjeEi2%2FoU9WkeQoFlg8X3VXFsw26xdGJ9A64xbKvgrFlFRrTHxhfpw3K8eKm77lJ%2BZXeCXfx4KgjMH7jxj%2Fd0Leb1YJtk8BWe97Fcfk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
664a9cf6994a4e98-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=&google_push=AYg5qPKlSN6PHMx67v2HxbaZ5UqehSk96IgSgvm80cSwR5-EFzHEOBn_2zKUiGkhdZihZ--Mjuipb3sVqR6rjs7jTSU745n9VqeD&google_gid=CAESENk1_F6YbuK1JsfTynJ7rv4&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPK7Wczbx0Hr5h80_r5da5ogzAzb8idtMsT__TGTGBJ4b7mR41QoU04oNeEy7aFiX9SZL5Rkz2apABP8cUM2YOV8xr5eAKZG&google_gid=CAESECB6cfIHVmqM9LSA4Wa2xFw&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPIF6AdHq_cDPp9l-YY8mOtUJy_2ikpWLoBnwU8CRqkNoRSKtMAaXQV3traL0F-XwhnWsWCKB7jIOn-fAXYgUrWYHXuUALTr&google_gid=CAESEFsHH5jeG3gK7L9pGBRyTC8&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_cver=1&google_gid=CAESEPeC5qVNDRo2rSKZFTUDPN4&google_push=AYg5qPLxfYO8rkr9wTNRbKrHGpqW0VVofM09ttH5CAYZoNxKk758HNTpqCJhdeWbVye0A_d6bV5c7B5vOmVMFNMiJ3B9RnPsIFifvA
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YNU5KbAUC8syxkrb4NK2tAAABFYAAAIB&google_push=AYg5qPJGgnnCWAlbNrWRO95VRsSOWq1Dl6QXsS78sP4rXONFhKtXfMlJLhhj2unYS_5i_-Hn8bHKTrs8W8z5Fd9NPrlG4NjNgR_y&google_cver=1&google_gid=CAESEOVGTAo-arTmbDjqYoZZ8U0

Verdicts & Comments Add Verdict or Comment

232 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| twemoji object| wp function| admiral object| googletag undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP string| GoogleAnalyticsObject function| ga object| tdb_globals object| tdwGlobal object| tdaGlobal function| documentInitOneSignal object| OneSignal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tds_general_modal_image string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce string| tdsDateFormat object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| block_tdi_50 string| google_user_agent_client_hint object| block_tdi_66 object| block_tdi_72 object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| 4dm1r11545242527 object| block_tdi_80 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests object| block_tdi_88 object| block_tdi_89 object| block_tdi_102 object| block_tdi_103 object| block_tdi_108 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| block_tdi_111 object| block_tdi_120 object| block_tdi_123 object| block_tdi_126 object| block_tdi_137 number| td_screen_width object| block_tdi_141 object| block_tdi_152 object| block_tdi_155 object| anOptions function| _ object| tdbAutoload object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdScrollToClass object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdConfirm function| $f function| onYouTubeIframeAPIReady object| addComment object| ajax_object undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdcPostSettings function| tdbGetMobileTemplates object| _oneSignalInitOptions string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| srcReplaceableElms function| date object| GoogleGcLKhOms

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUly3R3x2Rezq9Vl6A6CU2qe0AVhl4_XWmcfSXz4_b7ULGeY706ZPKREdQu02Vg

5 Console Messages

Source Level URL
Text
console-api log URL: https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.2(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
all-news.co
analytics-wg.webgains.io
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
cdn.onesignal.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
diapi.webgains.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
static-de.ad4mat.net
steadfastsystem.com
storage.googleapis.com
tpc.googlesyndication.com
track.webgains.com
w-it.m-t.io
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
104.111.239.217
13.225.87.68
134.119.194.231
142.250.181.230
142.250.184.226
18.195.172.136
185.64.189.115
23.45.99.241
2600:1901:0:76b9::
2606:4700:3032::6815:57ae
2606:4700:3032::ac43:8293
2606:4700:3039::6815:c034
2606:4700::6812:e234
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2010
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400d:809::2013
2a05:d01c:1d8:8102:d5a3:82d4:c5d1:6c2f
34.98.67.61
35.186.253.211
35.190.90.202
35.244.174.68
46.236.13.147
52.18.11.109
52.213.6.221
65.9.77.116
69.173.144.139
79.137.68.187
81.29.72.47
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1
051451d034c0ad3bed03c213a8bfff3d9019f2019bc321ff5a32247b72faf126
07db5dcc727f143113c6f3a7a5d35fe979ec5ac12de1a37babb580972607f9fb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e
0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ed1655a19216276f3eba2b2fc91f050bc40a0fb36208512f4be89cb5d772c7f
0f71f134bbf883cea5074c63aa431f273478cbdba9bdc54b4da8f07371334ba6
134d59e547845bfd70264348ed853af8987bbfe2c4cfc72901a74760b8f8c4b5
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
15c510fe49c3ec5fd57ac7ead341655699156a63fe10195347dfeae1dc53f909
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
1b0f0c8d5849fc275eb00013b3c68bee89eaf2ef0fa677bf418c6d51aa594c87
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
2106fcd6d70620c8263e1f3632f4933a103d68c2844a85595b2f1c877464892b
231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
261355997b4cbeb541354842b8cd4eac42ea8f1b3ce2c3117ac72cbfe29139ea
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2aebbc030b7fd6ebb20c85391683a71382b5097991dc33d286a772f3bb1e2751
2b515a59174f30fe7c694f1b81a78f567ce671b24988e2e6e737ecaed26871af
2c98991b16629fe139954a9e334e3fab62e9bdf7ff16fbb9c3c8ebad667200d2
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5a7e4585e29df53872541ed63901049bf704de5a2df6fc1efc2aa320535acc
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
3ceae493ba2fb4e513e151a8c8bd98f58f35b519147aab0ab8ced6da9724a6a3
45438ac938e6613185f4cec0aac33ce6946e88ece9ffd9f916859e08d6509454
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4b1cbc383ac806637d5f810b9ef3c4a90aec32ccf3329e9e043405effda5828d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55f25cca5e1949d661fef811d8172b33e11683384fba8a52daee739e13d253f8
5754eb7a631df7300a4add38762438f59bcf8ac0610aa115a88426eb76f40854
58860b2fca796e08b666eff111c58c96047557c0f0b1f70c9b34a191d6a4f6ad
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c9f00a5cb6f90d582089eb97328f472d2a77851b25fd82b52b81aa12df83b0a
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
687664f81f53e508f1215fd0dcc1d9b9e489441f1536177024b559808c2f53ec
6956cbfddf2ce28aee043ecd2b7dbc3ada3954646d7009c6dd1b5ca173f136f9
6989d76de1215b8a02a8884610090fdd1d4db97c6db9ac9130259d66e4540e53
6b20a6a07ab8b2f3e215ec0d2dd9c2da50dd3d9bf8d4595912d2a6ff9bd88593
6b3f836d360ac3910efc2fdf7db41dfbfd0af1971a905291cfd1d45469caaee0
6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
6e31bb0c654968cfe0fb956a9d6dcf770846ce378c9ba298bbe6b5f07f8ae17b
6e9503e4c5b5ac098fa4ff7d3642d7d1780e67cdfd1b46e5cd2753b19ade0549
6ea1aa4890b90865a6c7db5254a8c0cb0c8b8b2fb7d90bc6b6afd68b95b79aaa
7167d98c8fcd2cb5b9cefa7741a83503479e45ebf46cab634437c4d9ecda4dc5
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74c45b1e22bc84c701252c21f705f67107151b11b129dab14659cb593aacd6c7
75218e18ad16a7a767fd01e50489f114e7433555172f6207430670f054863944
77bdbdb26caab6be5eeb8a5e91273db9d1ea94929bf1ae6b5bab9033d9d41faf
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7b136f2755dc6847f5fb531065d41450fed78dd9a8d8b944d17b3682c2a3b488
7da8d792ef771180eef9e592f2a3b5ebcc0f74eea6f5475d1a1e9e5665bb8448
800ced4a3950b2d3cc18b23fe46226319aeb5989ba4b7c95abe854145cd88722
81db80c587a98eae3d670eecd0b2675418e4a5b25ebb85dc8bd3bef432c577df
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8f78d7d0dc05cd36b1fd3bbf0175b4a019753700b6bfcaaba254146889135c38
8f8c9f1c471da8dae19554e26c6c423f31e5e687ea3892e4a73ada4be3179f86
90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6
92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818
9f89adb807450b421fba04a426e97d1ee2fdd2ec3be9b67c0d9bb8531b782bce
9fb557165b1e690325427140f50a990a0fe6dd6eee363510a374ba8c72593d62
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aa20f9e7343d64c290bdc35540987532d373794ecbb1151e3c986ef486448f25
aa62551ffb9f4f300d58b68cf6d4fddb7fc49ce1ed40d05fd4064156b0dc5837
aaa0052f5cd036c440a42fba9bec293af6f3985b3f1700fd96960c131ae7f798
aae8046ff00844fcefbdf463127c144381d2b6f664b8b2a2029e3c1c750e0fa2
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
abf0533e5e140ff15423e8abba6e6909a4e9d3b9d59adaf7d16fd1d79515d355
ac8adf5db9af0b3559d19613da00c69dc4ed15b91d3ef9c726be8a38e2e0514e
b120b3a3189b7a9e64c28d88190480f819089049229db7714693dc3e06926d29
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b2a92323d747977734e854a35e59ca60e48c69d6f43d1aaedf879d708d91e080
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
beb629fa016bab599c7790beafda967e627eef5402f7d8f74ec334900b2aaaa8
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c518ad5d0adbc0754bac8b71c958312a6bd77d4e318500fec44d929e00f857ec
c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a
c5e6b6eb0ce5cf32fd711f67f87b99cb425d2cdbc8e9ec36dca22669a707124d
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d2ec2a67f23552247ed4784ed8162314db4b814545cdc7e0b82e4b8123b91e27
d344d22787e95dcd2d7f9009d837443b5c0e1e60a2b5a0a7e5e80f405983a31f
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
d641d794ffeb8ab4a93449307f4da1d4cb4a9c7020ad7da4c2f630b03de6d1f7
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d89e938fe1ae43fab7b2c2724a54677a3f4ff882075196ef184993bd63ffd6b3
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
df85aac876d06864d10bb0fc5f45c6fa28870ed4eda966f3082d52e42173d962
e2acdfd638e38c3f45aa7059762e04d41564ae6c487cf579b5f3ab15c808c377
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ae14082f4d2088f2bcc4f8e3da3955343dd1e39e0a5f9333c45d6428c3cfc5
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f25aa966d01136d409d218085ada8afcc4ec79b216c9d8d231171a2e22a9cffc
f722a571a6ddc2c4b3ae3aa1d2c80c29033ddfaf8fe9abbd4a3ac8a7006cbd91
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77
fb73a045ae2d467a4f4b9a2c460cafc5ffd08a77a4dd9f580b687e749f14bd8f
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fe8b2264b7ef7ae4f5b3ee5fa827b2744a843804a417cc0b39a4f0e9f64f07ed